Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-5385
cve-2012-5385
webcalendar
remote code execution
security vulnerability
nvd
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.8%
install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Affected configurations
Node
webcalendar_projectwebcalendarMatch1.0rc1
ORwebcalendar_projectwebcalendarMatch1.0rc2
ORwebcalendar_projectwebcalendarMatch1.0rc3
ORwebcalendar_projectwebcalendarMatch1.1.1
ORwebcalendar_projectwebcalendarMatch1.1.2
ORwebcalendar_projectwebcalendarMatch1.1.3
ORwebcalendar_projectwebcalendarMatch1.1.4
ORwebcalendar_projectwebcalendarMatch1.1.5
ORwebcalendar_projectwebcalendarMatch1.1.6
ORwebcalendar_projectwebcalendarMatch1.2b1
ORwebcalendar_projectwebcalendarMatch1.2.0
ORwebcalendar_projectwebcalendarMatch1.2.1
ORwebcalendar_projectwebcalendarMatch1.2.2
ORwebcalendar_projectwebcalendarMatch1.2.3
ORwebcalendar_projectwebcalendarMatch1.2.4
Related
nvd
nvd
CVE-2012-5385
2012-10-11 15:55:03
prion
prion
Code injection
2012-10-11 15:55:00
cvelist
cvelist
CVE-2012-5385
2022-10-03 16:15:31
7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
73.8%
Related for CVE-2012-5385