5 matches found
Debian: Security Advisory (DSA-1267-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1267-1 (webcalendar)
The remote host is missing an update to webcalendar announced via advisory DSA 1267-1. It was discovered that WebCalendar, a PHP-based calendar application, insufficiently protects an internal variable, which allows remote file inclusion. OpenVAS Vulnerability Test $Id: deb12671.nasl 6616...
FreeBSD : WebCalendar -- 'noSet' variable overwrite vulnerability (72999d57-d6f6-11db-961b-005056847b26)
Secunia reports : A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Input passed to unspecified parameters is not properly verified before being used with the 'noSet' parameter set. This can be exploited to overwrite...
CVE-2007-1343
includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that...
CVE-2007-1343
CVE-2007-1343 concerns WebCalendar, a PHP-based calendar app. The vulnerability arises from WebCalendar’s includes/functions.php not protecting the internal variable noSet from external modification, enabling remote attackers to overwrite variables via a URL-modified noSet parameter, which can le...