Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
php icalendar php icalendar 2.0c vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2005-3366
PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 up to and including 2.0.1 allows remote malicious users to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie. NOTE: this is not a cross-site scripting (XSS) issue as claime...
Php Icalendar Php Icalendar 2.0.1
Php Icalendar Php Icalendar 2.0a2
Php Icalendar Php Icalendar 2.0b
Php Icalendar Php Icalendar 2.0c
755
VMScore
CVE-2006-1291
publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and previous versions does not require authentication for write access to the calendars directory, which allows remote malicious users to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filenam...
Php Icalendar Php Icalendar 2.0
Php Icalendar Php Icalendar 2.0.1
Php Icalendar Php Icalendar 2.0a2
Php Icalendar Php Icalendar 2.0b
Php Icalendar Php Icalendar 2.0c
Php Icalendar Php Icalendar 2.1
Php Icalendar Php Icalendar
1 EDB exploit
505
VMScore
CVE-2006-1292
Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and previous versions allows remote malicious users to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and php...
Php Icalendar Php Icalendar 2.0
Php Icalendar Php Icalendar 2.0.1
Php Icalendar Php Icalendar 2.0a2
Php Icalendar Php Icalendar 2.0b
Php Icalendar Php Icalendar 2.0c
Php Icalendar Php Icalendar 2.1
Php Icalendar Php Icalendar
1 EDB exploit
755
VMScore
CVE-2008-5840
PHP iCalendar 2.24 and previous versions allows remote malicious users to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar2.0 Alpha Test
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.7
1 EDB exploit
755
VMScore
CVE-2008-5968
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1...
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar
1 EDB exploit
755
VMScore
CVE-2008-5967
admin/index.php in PHP iCalendar 2.3.4, 2.24, and previous versions does not require administrative authentication for an addupdate action, which allows remote malicious users to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web ...
Phpicalendar Phpicalendar 0.9
Phpicalendar Phpicalendar 0.8
Phpicalendar Phpicalendar 0.9.5
Phpicalendar Phpicalendar 2.0
Phpicalendar Phpicalendar 2.23
Phpicalendar Phpicalendar 1.1
Phpicalendar Phpicalendar 1.0
Phpicalendar Phpicalendar 2.21
Phpicalendar Phpicalendar 2.22
Phpicalendar Phpicalendar 0.7
Phpicalendar Phpicalendar 2.1
Phpicalendar Phpicalendar 2.2
Phpicalendar Phpicalendar 2.0c
Phpicalendar Phpicalendar 2.0.1
Phpicalendar Phpicalendar 2.24
Phpicalendar Phpicalendar
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started