Lucene search
K

100 matches found

Prion
Prion
added 2006/03/19 11:2 p.m.17 views

Directory traversal

Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the phpicalendarcookielanguage and phpicalendarcookiestyle cookies, as...

5CVSS7.7AI score0.02783EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/03/19 11:0 p.m.23 views

CVE-2006-1292

Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in the phpicalendarcookielanguage and phpicalendarcookiestyle cookies, as...

7.1AI score0.02783EPSS
Exploits0References4
CVE
CVE
added 2006/03/19 11:0 p.m.56 views

CVE-2006-1291

CVE-2006-1291 affects PHP iCalendar versions prior to 2.25. The vulnerability allows remote attackers to upload and execute arbitrary PHP scripts by exploiting unauthenticated write access to the calendars directory via a WebDAV PUT request with a filename ending in .php plus a trailing null char...

7.5CVSS7.7AI score0.06934EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/03/19 11:0 p.m.45 views

CVE-2006-1292

CVE-2006-1292 is a directory-traversal vulnerability in PHP iCalendar 2.21 and earlier. An attacker can cause local file inclusion and remote code execution by manipulating cookies phpicalendar[cookie_language] and phpicalendar[cookie_style] (with a NUL/%00) so that PHP sequences injected into an...

5CVSS7.1AI score0.02783EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/03/17 12:0 a.m.9 views

PHP iCalendar Local File Inclusion

Binary data 3479.prm...

7.5CVSS7AI score0.14473EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2006/03/17 12:0 a.m.41 views

PHP iCalendar publish.ical.php Arbitrary File Upload

The remote host appears to be running PHP iCalendar, a web-based iCal file viewer / parser written in PHP. The installed version of PHP iCalendar supports iCal publishing but does not properly restrict the types of files uploaded and places them in a web-accessible directory. An unauthenticated...

7.5CVSS6AI score0.06934EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/03/16 12:0 a.m.24 views

PHP iCalendar Cookie Data Traversal Local File Inclusion

The remote host appears to be running PHP iCalendar, a web-based iCal file viewer / parser written in PHP. The version of PHP iCalendar installed on the remote host fails to sanitize input to cookie data normally used to store language and template user preferences before using it in a PHP...

5CVSS6.3AI score0.02783EPSS
Exploits0References2
0day.today
0day.today
added 2006/03/15 12:0 a.m.53 views

php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================ php iCalendar arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; short explaination: phpICal stores language & template user preferences inside...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/15 12:0 a.m.45 views

PHP iCalendar 2.21 - &#039;cookie&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; short explaination: phpICal stores language & template user preferences inside cookies. Theese values are used to include...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/03/15 12:0 a.m.12 views

PHP iCalendar 2.21 - cookie Remote Code Execution

PHP iCalendar 2.21 - cookie Remote Code Execution !/usr/bin/php -q -d shortopentag=on arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; short explaination: phpICal stores language & template user preferences...

0.4AI score
Exploits0
0day.today
0day.today
added 2006/03/15 12:0 a.m.1567 views

php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== php iCalendar autisticiorg\r\n"; echo "this works if "phpicalendarpublishing" is set to 1 in config.inc.php\r\n\r\n"; short explaination: phpICal lets users...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/03/15 12:0 a.m.29 views

php iCalendar &lt;= 2.21 (Cookie) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "php iCalendar =2.21 "cookielanguage"/"cookiestyle" remote cmmnds xctn\r\n"; echo "- arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodATautisticiDOTorg\r\n"; echo "site:...

7.1AI score
Exploits0
NVD
NVD
added 2006/02/13 11:6 a.m.17 views

CVE-2006-0648

Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attackers to include arbitrary files via the 1 getdate and possibly other parameters used in the replacefiles function in search.php and 2 $file variable as used in the parse function in...

5CVSS7.2AI score0.02068EPSS
Exploits1References8
Prion
Prion
added 2006/02/13 11:6 a.m.12 views

Directory traversal

Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attackers to include arbitrary files via the 1 getdate and possibly other parameters used in the replacefiles function in search.php and 2 $file variable as used in the parse function in...

5CVSS7.4AI score0.02068EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2006/02/13 11:0 a.m.41 views

CVE-2006-0648

PHP iCalendar 2.0.1, 2.1, and 2.2 contain directory traversal/remote file inclusion vulnerabilities. The issues arise from input validation failures in search.php (getdate) and template.php (file) that allow an attacker to include arbitrary files and, if PHP register_globals is enabled, may enabl...

5CVSS7.2AI score0.02068EPSS
Exploits1References8Affected Software1
securityvulns
securityvulns
added 2006/02/09 12:0 a.m.48 views

[eVuln] PHP iCalendar File Inclusion Vulnerability

New eVuln Advisory: PHP iCalendar File Inclusion Vulnerability http://evuln.com/vulns/70/summary.html --------------------Summary---------------- eVuln ID: EV0070 Software: PHP iCalendar Sowtware's Web Site: http://phpicalendar.net/ Versions: 2.0.1 2.1 2.2 Critical Level: Dangerous Type: File...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/02/09 12:0 a.m.57 views

PHP iCalendar Multiple Script Remote File Inclusion

The remote host appears to be running PHP iCalendar, a web-based iCal file viewer / parser written in PHP. The installed version of PHP iCalendar fails to validate user input to the 'getdate' parameter of the 'search.php' script as well as the 'file' parameter of 'template.php' script. Provided...

5CVSS6AI score0.02068EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2005/10/27 12:0 a.m.24 views

PHP iCalendar Cross Site Scripting

PHP iCalendar CSS Name Cross-Site-Scripting Vulnerabilities in PHP iCalendar Systems Affected PHP iCalendar 2.0a2, 2.0b, 2.0c, 2.0.1 Severity Medium Risk Vendor http://www.phpicalendar.net Advisory http://www.ush.it/2005/10/25/php-icalendar-css/ Additional it...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/10/27 12:0 a.m.33 views

PHP iCalendar index.php phpicalendar Parameter Remote File Inclusion

The remote host appears to be running PHP iCalendar, a web-based iCal file viewer / parser written in PHP. The version of PHP iCalendar installed on the remote host fails to sanitize the 'phpicalendar' cookie before using it in 'index.php' to include PHP code from a separate file. By leveraging...

6.8CVSS6.2AI score0.0237EPSS
Exploits1References2
securityvulns
securityvulns
added 2005/10/25 12:0 a.m.36 views

[Full-disclosure] PHP iCalendar CSS

PHP iCalendar CSS Name Cross-Site-Scripting Vulnerabilities in PHP iCalendar Systems Affected PHP iCalendar 2.0a2, 2.0b, 2.0c, 2.0.1 Severity Medium Risk Vendor http://www.phpicalendar.net Advisory http://www.ush.it/2005/10/25/php-icalendar-css/ Additional it...

0.1AI score
Exploits0
Rows per page
Query Builder