5 matches found
CVE-2005-2320
WebCalendar before 1.0.0 does not properly restrict access to assistantedit.php, which allows remote attackers to gain privileges...
FreeBSD Ports: WebCalendar
The remote host is missing an update to the system as announced in the referenced advisory. VID 07ead557-a220-11da-b410-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian Security Advisory DSA 766-1 (webcalendar)
The remote host is missing an update to webcalendar announced via advisory DSA 766-1. A vulnerability has been discovered in webcalendar, a PHP based multi-user calendar, that can lead to the disclosure of sensitive information to unauthorised parties. the old stable distribution woody does not...
FreeBSD : WebCalendar -- unauthorized access vulnerability (07ead557-a220-11da-b410-000e0c2e438a)
SecurityFocus reports that WebCalendar is affected by an unauthorized access vulnerability. The vulnerability is caused by improper checking of the authentication mechanism before access is being permitted to the 'assistantedit.php' file. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2005-2320
WebCalendar (PHP-based calendar) before 1.0.0 contains an access-control flaw in assistant_edit.php that can let remote attackers gain privileges. Affected versions are WebCalendar prior to 1.0.0; multiple advisories (Debian DSA-766-1, Red Hat CVE note) confirm an unauthorized-access/privilege di...