EUVD-2005-4157

Malware in sbrugna...

PerlCal 2.x Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2663/info PerlCal is a CGI script written by Acme Software that allows web-based calendar sharing and related functions. A vulnerability exists in PerlCal which can allow a remote user to traverse the filesystem of a targ...

CVE-2005-4162

Cross-site scripting XSS vulnerability in calmake.pl in ACME PerlCal 2.99.20 allows remote attackers to inject arbitrary web script or HTML via the p0 parameter...

CVE-2005-4162

CVE-2005-4162 : An XSS vulnerability exists in ACME PerlCal 2.99.20, in the cal_make.pl component, allowing remote attackers to inject arbitrary web script or HTML via the p0 parameter. The issue stems from insufficient input handling in the affected script, enabling script execution when the pag...

[SA17953] PerlCal "p0" Cross-Site Scripting Vulnerability

TITLE: PerlCal "p0" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA17953 VERIFY ADVISORY: http://secunia.com/advisories/17953/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PerlCal 2.x http://secunia.com/product/6402/ DESCRIPTION: $um$id has reported...

CVE-2001-0463

CVE-2001-0463 concerns a directory traversal in the PerlCal component cal_make.pl that allows remote attackers to read arbitrary files by supplying ".." in the p0 parameter. The vulnerability arises from improper handling of file paths in this CGI, enabling access to files the web server user cou...

CVE-2001-0463

Directory traversal vulnerability in calmake.pl in PerlCal allows remote attackers to read arbitrary files via a .. dot dot in the p0 parameter...

EUVD-2001-0459

Directory traversal vulnerability in calmake.pl in PerlCal allows remote attackers to read arbitrary files via a .. dot dot in the p0 parameter...

CVE-2001-0463

Directory traversal vulnerability in calmake.pl in PerlCal allows remote attackers to read arbitrary files via a .. dot dot in the p0 parameter...

PerlCal cal_make.pl p0 Parameter Traversal Arbitrary File Read

The 'calmake.pl' cgi is installed on the remote host. This CGI has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc';...

perlcal.txt

whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...

PerlCal (CGI) show files vulnerability

whizkunde security advisory: PerlCal CGI http://www.whizkunde.org | [email protected] ---------------------------------------------------------- Release date: April 27th 2001 Subject: PerlCal CGI security problem Systems affected: NIX not windows systems running PerlCal CGI script Vendor:...

PerlCal 2.x - Directory Traversal

source: https://www.securityfocus.com/bid/2663/info PerlCal is a CGI script written by Acme Software that allows web-based calendar sharing and related functions. A vulnerability exists in PerlCal which can allow a remote user to traverse the filesystem of a target host. This may lead to the...

PerlCal 2.x - Directory Traversal

PerlCal 2.x - Directory Traversal source: https://www.securityfocus.com/bid/2663/info PerlCal is a CGI script written by Acme Software that allows web-based calendar sharing and related functions. A vulnerability exists in PerlCal which can allow a remote user to traverse the filesystem of a targ...