Lucene search
HistoryJul 19, 2005 - 4:00 a.m.
CVE-2005-2320
webcalendar
cve-2005-2320
security vulnerability
privilege escalation
nvd
access restriction
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.9%
WebCalendar before 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote attackers to gain privileges.
References
Related
openvas
openvas
FreeBSD Ports: WebCalendar
2008-09-04 00:00:00
Debian: Security Advisory (DSA-766-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 766-1 (webcalendar)
2008-01-17 00:00:00
ubuntucve
ubuntucve
CVE-2005-2320
2005-07-19 00:00:00
nessus
nessus
FreeBSD : WebCalendar -- unauthorized access vulnerability (07ead557-a220-11da-b410-000e0c2e438a)
2006-05-13 00:00:00
Debian DSA-766-1 : webcalendar - authorisation failure
2005-07-31 00:00:00
WebCalendar assistant_edit.php Unauthorized Access
2005-06-28 00:00:00
debian
debian
[SECURITY] [DSA 766-1] New webcalendar package fixes information disclosure
2005-07-27 06:22:47
[SECURITY] [DSA 766-1] New webcalendar package fixes information disclosure
2005-07-27 06:22:47
freebsd
freebsd
WebCalendar -- unauthorized access vulnerability
2005-06-27 00:00:00
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.9%
Related for CVE-2005-2320