Lucene search
PRIOn knowledge basePRION:CVE-2008-5967HistoryJan 26, 2009 - 8:30 p.m.
Directory traversal
2009-01-2620:30:00
PRIOn knowledge base
www.prio-n.com
1
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web root.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpicalendar | eq | 2.22 | |
| phpicalendar | eq | 2.21 | |
| phpicalendar | eq | 2.23 rc1 | |
| phpicalendar | eq | 2.2 | |
| phpicalendar | eq | 0.9 | |
| phpicalendar | eq | 2.0.1 | |
| phpicalendar | eq | 2.23 | |
| phpicalendar | eq | 1.1 | |
| phpicalendar | eq | 0.8 | |
| phpicalendar | eq | 2.24 |
Related
ubuntucve
ubuntucve
CVE-2008-5967
2009-01-26 00:00:00
nvd
nvd
CVE-2008-5967
2009-01-26 20:30:00
cve
cve
CVE-2008-5967
2009-01-26 20:30:00
cvelist
cvelist
CVE-2008-5967
2009-01-26 20:00:00
openvas
openvas
Multiple Vulnerabilities in PHP iCalendar
2009-01-29 00:00:00
Multiple Vulnerabilities in PHP iCalendar
2009-01-29 00:00:00