Lucene search
+L

8563 matches found

CVE
CVE
added 2005/02/19 5:0 a.m.36 views

CVE-2004-1528

The CVE-2004-1528 issue affects the Event Calendar module 2.13 for PHP-Nuke. It allows remote attackers to disclose sensitive information by triggering errors in HTTP requests to config.php, index.php, or submit.php, revealing the full path in an error message. The documentation does not specify ...

5CVSS7AI score0.01541EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2005/02/19 5:0 a.m.22 views

CVE-2004-1528

The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to 1 config.php, 2 index.php, or 3 submit.php, which reveal the full path in an error message...

6.6AI score0.01541EPSS
Exploits1References5
Cvelist
Cvelist
added 2005/02/19 5:0 a.m.20 views

CVE-2004-1529

Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...

6.2AI score0.01376EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/02/19 5:0 a.m.19 views

CVE-2004-1530

SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...

8.4AI score0.01324EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2005/02/16 12:0 a.m.26 views

HP-UX PHSS_19483 : HPSBUX9908-102 Security Vulnerability in rpc.cmsd (rev.2)

s700800 11.00 CDE Runtime AUG 99 Cumulative Patch : Buffer overflow vulnerability in the CDE Calendar Manager Service Daemon, rpc.cmsd. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHSS19483. The text itself...

5.5AI score
Exploits0
Cvelist
Cvelist
added 2005/02/13 5:0 a.m.29 views

CVE-2004-1467

Multiple cross-site scripting XSS vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 date or search text field in the calendar module, 2 Field parameter, Filter parameter, QField parameter, Start parameter or Search field in th...

5.7AI score0.0362EPSS
Exploits1References5
CVE
CVE
added 2005/02/12 5:0 a.m.44 views

CVE-2004-1400

The vulnerability CVE-2004-1400 affects Ocean12 ASP Calendar. The public-facing control panel does not require authentication, permitting remote attackers to gain unauthorized access by requesting main.asp (and related admin paths). This unauthenticated access can enable attackers to perform priv...

7.5CVSS7.1AI score0.0722EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2005/02/12 5:0 a.m.18 views

CVE-2004-1400

The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp...

7.1AI score0.0722EPSS
Exploits1References3
CVE
CVE
added 2005/02/12 5:0 a.m.71 views

CVE-2004-1423

PHP-Calendar (Sean Proctor) before 0.10.1 contains multiple remote file inclusion flaws. The vulnerability is triggered by a URL in the phpc_root_path parameter to includes/calendar.php or includes/setup.php, allowing remote attackers to execute arbitrary PHP code. Affected product: PHP-Calendar;...

7.5CVSS7.6AI score0.15469EPSS
Exploits3References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/01/19 12:0 a.m.13 views

Ocean12 ASP Calendar Administrative Interface Access

Binary data 2540.prm...

7.5CVSS7.3AI score0.0722EPSS
Exploits1References1
NVD
NVD
added 2005/01/10 5:0 a.m.12 views

CVE-2004-1289

Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...

10CVSS7.5AI score0.14689EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.27 views

CVE-2004-1289

Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...

10CVSS6.4AI score0.14689EPSS
Exploits1References1
OSV
OSV
added 2005/01/10 5:0 a.m.3 views

DEBIAN-CVE-2004-1289

Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...

10CVSS8.1AI score0.14689EPSS
Exploits1References1
OSV
OSV
added 2005/01/10 5:0 a.m.8 views

CVE-2004-1289

Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...

7.5AI score
Exploits0References3
Packet Storm
Packet Storm
added 2005/01/02 12:0 a.m.31 views

phpcalendar.txt

GulfTech Security Research December 28th, 2004 Vendor : Sean Proctor URL : http://php-calendar.sourceforge.net/ Version : All Versions Risk : File Include Vulnerability Description: I was searching for a decent calendar which my group at school could use to keep track of events, etc. We were...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-1529

Cross-site scripting XSS vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary web script via the 1 type, 2 day, 3 month, or 4 year parameters in a Preview operation, or 5 event comments...

4.3CVSS6.2AI score0.01376EPSS
Exploits1References6
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-1423

Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office VLO and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpcrootpath parameter to 1 includes/calendar.ph...

7.5CVSS7.6AI score0.15469EPSS
Exploits3References12
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-1530

SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the 1 eid or 2 cid parameters...

7.5CVSS8.4AI score0.01324EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.10 views

CVE-2004-1400

The control panel in ASP Calendar does not require authentication to access, which allows remote attackers to gain unauthorized access via a direct request to main.asp...

7.5CVSS7.1AI score0.0722EPSS
Exploits1References3
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-1552

SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via 1 the username field on the login page or 2 the eventid parameter to calendar.asp...

7.5CVSS8.1AI score0.04077EPSS
Exploits1References9
Rows per page
Query Builder