Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webcalendar webcalendar 0.9.45 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-0474
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote malicious users to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
Webcalendar Webcalendar 0.9.45
NA
CVE-2007-1483
Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9.45 allow remote malicious users to execute arbitrary PHP code via a URL in the includedir parameter to (1) login.php, (2) get_reminders.php, or (3) get_events.php.
K5n Webcalendar 0.9.45
1 EDB exploit
NA
CVE-2005-2320
WebCalendar prior to 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote malicious users to gain privileges.
Webcalendar Webcalendar 0.9.26
Webcalendar Webcalendar 0.9.27
Webcalendar Webcalendar 0.9.28
Webcalendar Webcalendar 0.9.29
Webcalendar Webcalendar 0.9.42
Webcalendar Webcalendar 0.9.43
Webcalendar Webcalendar 0.9.44
Webcalendar Webcalendar 0.9.45
Webcalendar Webcalendar 0.9.50
Webcalendar Webcalendar 0.9.15
Webcalendar Webcalendar 0.9.16
Webcalendar Webcalendar 0.9.19
Webcalendar Webcalendar 0.9.20
Webcalendar Webcalendar 0.9.34
Webcalendar Webcalendar 0.9.35
Webcalendar Webcalendar 0.9.36
Webcalendar Webcalendar 0.9.37
Webcalendar Webcalendar 0.9.22
Webcalendar Webcalendar 0.9.24
Webcalendar Webcalendar 0.9.31
Webcalendar Webcalendar 0.9.33
Webcalendar Webcalendar 0.9.38
NA
CVE-2007-1343
includes/functions.php in Craig Knudsen WebCalendar prior to 1.0.5 does not protect the noSet variable from external modification, which allows remote malicious users to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant...
Webcalendar Webcalendar 1.0.2
Webcalendar Webcalendar 1.0.3
Webcalendar Webcalendar 1.0.0
Webcalendar Webcalendar 1.0.1
Webcalendar Webcalendar 1.0.4
NA
CVE-2006-2247
WebCalendar 1.0.1 to 1.0.3 generates different error messages depending on whether or not a username is valid, which allows remote malicious users to enumerate valid usernames.
Webcalendar Webcalendar 1.0.1
Webcalendar Webcalendar 1.0.2
Webcalendar Webcalendar 1.0.3
NA
CVE-2006-6669
Cross-site scripting (XSS) vulnerability in export_handler.php in WebCalendar 1.0.4 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the format parameter.
Webcalendar Webcalendar 1.0.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started