4 matches found
Debian: Security Advisory (DSA-1002-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WebCalendar < 1.0.2 Multiple Vulnerabilities
The remote version of WebCalendar does not validate input to the 'id' and 'format' parameters of the 'exporthandler.php' script before using it to overwrite files on the remote host, subject to the privileges of the web server user id. In addition, the 'activitylog.php', 'adminhandler.php',...
CVE-2005-3961
WebCalendar 1.0.1 is affected by CVE-2005-3961 due to missing input sanitising in the export_handler.php flow, enabling remote attackers to overwrite local WebCalendar data files by supplying a modified id parameter. Multiple OpenVAS/NASL and CVE references confirm this vulnerability and characte...
CVE-2005-3961
exporthandler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter...