Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbLwangEDB-ID:26691
HistoryDec 01, 2005 - 12:00 a.m.

WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting

2005-12-0100:00:00
lwang
www.exploit-db.com
13

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/15673/info

WebCalendar is prone to an HTTP response-splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.

WebCalendar 1.0.1 is vulnerable; other versions may also be affected. 

http://www.example.com/webcalendar/layers_toggle.php?status=on&ret=[url_redirect_to]

Related

cvelist 1
nvd 1
ubuntucve 1
cve 1
openvas 2
nessus 2
debian 2
osv 1
cvelist
cvelist
CVE-2005-3982
2005-12-04 11:00:00
nvd
nvd
CVE-2005-3982
2005-12-04 11:03:00
ubuntucve
ubuntucve
CVE-2005-3982
2005-12-04 00:00:00
cve
cve
CVE-2005-3982
2005-12-04 11:03:00
openvas
openvas
Debian Security Advisory DSA 1002-1 (webcalendar)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1002-1)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1002-1 : webcalendar - several vulnerabilities
2006-10-14 00:00:00
WebCalendar < 1.0.2 Multiple Vulnerabilities
2005-12-02 00:00:00
debian
debian
[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
2006-03-15 08:42:49
[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
2006-03-15 08:42:49
osv
osv
webcalendar - several
2006-03-15 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:26691
cvelist1nvd1ubuntucve1cve1openvas2nessus2debian2osv1