Lucene search
K

4 matches found

NVD
NVD
added 2009/04/21 6:30 p.m.12 views

CVE-2008-6736

Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...

6.4CVSS6.7AI score0.02198EPSS
Exploits1References4
Prion
Prion
added 2009/04/21 6:30 p.m.10 views

Design/Logic Flaw

Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...

6.4CVSS7.2AI score0.02198EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2009/04/21 6:7 p.m.38 views

CVE-2008-6736

CVE-2008-6736 affects Flat Calendar 1.1. The issue: improper restriction of access to administrative functions, allowing remote attackers to add events via calAdd.php (reachable from admin/add.php) or delete events via admin/deleteEvent.php. Root cause described in sources as insufficient access ...

6.4CVSS6.9AI score0.02198EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2009/04/21 6:7 p.m.20 views

CVE-2008-6736

Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to 1 add new events via calAdd.php, as reachable from admin/add.php, or 2 delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not foll...

6.7AI score0.02198EPSS
Exploits1References4
Rows per page
Query Builder