8563 matches found
CVE-2004-1528
The CVE-2004-1528 issue affects the Event Calendar module 2.13 for PHP-Nuke. It allows remote attackers to disclose sensitive information by triggering errors in HTTP requests to config.php, index.php, or submit.php, revealing the full path in an error message. The documentation does not specify ...
CVE-2004-1528
The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to 1 config.php, 2 index.php, or 3 submit.php, which reveal the full path in an error message...
CVE-2004-1529
Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...
CVE-2004-1530
SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...
HP-UX PHSS_19483 : HPSBUX9908-102 Security Vulnerability in rpc.cmsd (rev.2)
s700800 11.00 CDE Runtime AUG 99 Cumulative Patch : Buffer overflow vulnerability in the CDE Calendar Manager Service Daemon, rpc.cmsd. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS19483. The text itself...
CVE-2004-1467
Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...
CVE-2004-1400
The vulnerability CVE-2004-1400 affects Ocean12 ASP Calendar. The public-facing control panel does not require authentication, permitting remote attackers to gain unauthorized access by requesting main.asp (and related admin paths). This unauthenticated access can enable attackers to perform priv...
CVE-2004-1400
The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp...
CVE-2004-1423
PHP-Calendar (Sean Proctor) before 0.10.1 contains multiple remote file inclusion flaws. The vulnerability is triggered by a URL in the phpc_root_path parameter to includes/calendar.php or includes/setup.php, allowing remote attackers to execute arbitrary PHP code. Affected product: PHP-Calendar;...
Ocean12 ASP Calendar Administrative Interface Access
Binary data 2540.prm...
CVE-2004-1289
Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...
CVE-2004-1289
Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...
DEBIAN-CVE-2004-1289
Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...
CVE-2004-1289
Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...
phpcalendar.txt
GulfTech Security Research December 28th, 2004 Vendor : Sean Proctor URL : http://php-calendar.sourceforge.net/ Version : All Versions Risk : File Include Vulnerability Description: I was searching for a decent calendar which my group at school could use to keep track of events, etc. We were...
CVE-2004-1529
Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...
CVE-2004-1423
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office VLO and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpcrootpath parameter to 1 includes/calendar.ph...
CVE-2004-1530
SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...
CVE-2004-1400
The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp...
CVE-2004-1552
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via 1 the username field on the login page or 2 the eventid parameter to calendar.asp...