2 matches found
CVE-2014-8675
CVE-2014-8675 affects Soplanning 1.32 and earlier. The issue arises from static ICAL calendar sharing links that embed login information, enabling an attacker to brute-force the embedded password hash and obtain a calendar owner’s password. Connected sources corroborate that SOPlanning
Simple Online Planning Tool 1.3.2 XSS / SQL Injection / Traversal
SOPlanning - Simple Online Planning Tool multiple vulnerabilities CVEs: CVE-2014-8673, CVE-2014-8674, CVE-2014-8675, CVE-2014-8676, CVE-2014-8677 Vendor: http://www.soplanning.org/ Product: SOPlanning - Simple Online Planning Version affected: 1.32 and prior Product description: SO Planning is an...