4 matches found
CVE-2008-6736
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...
Design/Logic Flaw
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...
CVE-2008-6736
CVE-2008-6736 affects Flat Calendar 1.1. The issue: improper restriction of access to administrative functions, allowing remote attackers to add events via calAdd.php (reachable from admin/add.php) or delete events via admin/deleteEvent.php. Root cause described in sources as insufficient access ...
CVE-2008-6736
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...