Lucene search
K

4 matches found

Cvelist
Cvelist
added 2006/01/12 11:0 a.m.34 views

CVE-2006-0183

Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...

7.4AI score0.01323EPSS
Exploits0References7
CVE
CVE
added 2006/01/12 11:0 a.m.56 views

CVE-2006-0182

CVE-2006-0182 affects ACal Calendar Project 2.2.5. The vulnerability in login.php allows remote bypass of authentication by setting the ACalAuthenticate cookie to the literal value “inside,” enabling unauthorized access. Relatedly, CVE-2006-0183 in edit.php permits authenticated users to execute ...

7.5CVSS6.8AI score0.01908EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/01/12 11:0 a.m.30 views

CVE-2006-0182

login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside"...

6.8AI score0.01908EPSS
Exploits0References7
Prion
Prion
added 2006/01/12 6:2 a.m.20 views

Code injection

Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...

6.5CVSS7.7AI score0.01908EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder