Lucene search
HistoryJan 26, 2009 - 8:30 p.m.
CVE-2008-5968
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the cookie_language parameter in a phpicalendar_* cookie, a different vector than CVE-2006-1292.
Affected configurations
Node
phpicalendarphpicalendarRange≤2.24
ORphpicalendarphpicalendarMatch0.7
ORphpicalendarphpicalendarMatch0.8
ORphpicalendarphpicalendarMatch0.9
ORphpicalendarphpicalendarMatch0.9.5
ORphpicalendarphpicalendarMatch1.0
ORphpicalendarphpicalendarMatch1.1
ORphpicalendarphpicalendarMatch2.0beta
ORphpicalendarphpicalendarMatch2.0.1
ORphpicalendarphpicalendarMatch2.0c
ORphpicalendarphpicalendarMatch2.1
ORphpicalendarphpicalendarMatch2.2
ORphpicalendarphpicalendarMatch2.21
ORphpicalendarphpicalendarMatch2.22
ORphpicalendarphpicalendarMatch2.23
ORphpicalendarphpicalendarMatch2.23rc1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpicalendar | phpicalendar | * | cpe:2.3:a:phpicalendar:phpicalendar:*:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 0.7 | cpe:2.3:a:phpicalendar:phpicalendar:0.7:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 0.8 | cpe:2.3:a:phpicalendar:phpicalendar:0.8:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 0.9 | cpe:2.3:a:phpicalendar:phpicalendar:0.9:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 0.9.5 | cpe:2.3:a:phpicalendar:phpicalendar:0.9.5:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 1.0 | cpe:2.3:a:phpicalendar:phpicalendar:1.0:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 1.1 | cpe:2.3:a:phpicalendar:phpicalendar:1.1:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 2.0 | cpe:2.3:a:phpicalendar:phpicalendar:2.0:beta:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 2.0.1 | cpe:2.3:a:phpicalendar:phpicalendar:2.0.1:*:*:*:*:*:*:* |
| phpicalendar | phpicalendar | 2.0c | cpe:2.3:a:phpicalendar:phpicalendar:2.0c:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2008-5968
2009-01-26 00:00:00
cvelist
cvelist
CVE-2008-5968
2009-01-26 20:00:00
CVE-2006-1292
2006-03-19 23:00:00
prion
prion
Directory traversal
2009-01-26 20:30:00
Directory traversal
2006-03-19 23:02:00
cve
cve
CVE-2008-5968
2009-01-26 20:30:00
CVE-2006-1292
2006-03-19 23:02:00
exploitdb
exploitdb
nvd
nvd
CVE-2006-1292
2006-03-19 23:02:00
nessus
nessus
PHP iCalendar Cookie Data Traversal Local File Inclusion
2006-03-16 00:00:00
openvas
openvas
Multiple Vulnerabilities in PHP iCalendar
2009-01-29 00:00:00
Multiple Vulnerabilities in PHP iCalendar
2009-01-29 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.014
Percentile
86.4%
Related for NVD:CVE-2008-5968