5
CVE-2004-1507
- EPSS 0.41%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webcalendar ≫ Webcalendar Version0.9.8
Webcalendar ≫ Webcalendar Version0.9.11
Webcalendar ≫ Webcalendar Version0.9.15
Webcalendar ≫ Webcalendar Version0.9.16
Webcalendar ≫ Webcalendar Version0.9.19
Webcalendar ≫ Webcalendar Version0.9.20
Webcalendar ≫ Webcalendar Version0.9.21
Webcalendar ≫ Webcalendar Version0.9.22
Webcalendar ≫ Webcalendar Version0.9.23
Webcalendar ≫ Webcalendar Version0.9.24
Webcalendar ≫ Webcalendar Version0.9.25
Webcalendar ≫ Webcalendar Version0.9.26
Webcalendar ≫ Webcalendar Version0.9.27
Webcalendar ≫ Webcalendar Version0.9.28
Webcalendar ≫ Webcalendar Version0.9.29
Webcalendar ≫ Webcalendar Version0.9.30
Webcalendar ≫ Webcalendar Version0.9.31
Webcalendar ≫ Webcalendar Version0.9.32
Webcalendar ≫ Webcalendar Version0.9.33
Webcalendar ≫ Webcalendar Version0.9.34
Webcalendar ≫ Webcalendar Version0.9.35
Webcalendar ≫ Webcalendar Version0.9.36
Webcalendar ≫ Webcalendar Version0.9.37
Webcalendar ≫ Webcalendar Version0.9.38
Webcalendar ≫ Webcalendar Version0.9.39
Webcalendar ≫ Webcalendar Version0.9.40
Webcalendar ≫ Webcalendar Version0.9.41
Webcalendar ≫ Webcalendar Version0.9.42
Webcalendar ≫ Webcalendar Version0.9.43
Webcalendar ≫ Webcalendar Version0.9.44
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.583 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|