Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webcalendar webcalendar 1.0.1 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-2247
WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote malicious users to enumerate valid usernames.
Webcalendar Webcalendar 1.0.1
Webcalendar Webcalendar 1.0.2
Webcalendar Webcalendar 1.0.3
7.5
CVSSv2
CVE-2007-1343
includes/functions.php in Craig Knudsen WebCalendar prior to 1.0.5 does not protect the noSet variable from external modification, which allows remote malicious users to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant...
Webcalendar Webcalendar 1.0.2
Webcalendar Webcalendar 1.0.3
Webcalendar Webcalendar 1.0.0
Webcalendar Webcalendar 1.0.1
Webcalendar Webcalendar 1.0.4
5
CVSSv2
CVE-2005-3982
CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote malicious users to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.
Webcalendar Webcalendar 1.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2005-3949
Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote malicious users to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple ...
Webcalendar Webcalendar 1.0.1
5
CVSSv2
CVE-2005-3961
export_handler.php in WebCalendar 1.0.1 allows remote malicious users to overwrite WebCalendar data files via a modified id parameter.
Webcalendar Webcalendar 1.0.1
7.5
CVSSv2
CVE-2005-3984
SQL injection vulnerability in WebCalendar 1.0.1 allows remote malicious users to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. NOTE: the startid/activity_log.php vector is already covered by CVE-2005-3949.
Webcalendar Webcalendar 1.0.1
7.5
CVSSv2
CVE-2005-2717
PHP remote file inclusion vulnerability in WebCalendar prior to 1.0.1 allows remote malicious users to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts.
Webcalendar Webcalendar 1.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started