7.5
CVE-2004-1508
- EPSS 1.63%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Logininit.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webcalendar ≫ Webcalendar Version0.9.8
Webcalendar ≫ Webcalendar Version0.9.11
Webcalendar ≫ Webcalendar Version0.9.15
Webcalendar ≫ Webcalendar Version0.9.16
Webcalendar ≫ Webcalendar Version0.9.19
Webcalendar ≫ Webcalendar Version0.9.20
Webcalendar ≫ Webcalendar Version0.9.21
Webcalendar ≫ Webcalendar Version0.9.22
Webcalendar ≫ Webcalendar Version0.9.23
Webcalendar ≫ Webcalendar Version0.9.24
Webcalendar ≫ Webcalendar Version0.9.25
Webcalendar ≫ Webcalendar Version0.9.26
Webcalendar ≫ Webcalendar Version0.9.27
Webcalendar ≫ Webcalendar Version0.9.28
Webcalendar ≫ Webcalendar Version0.9.29
Webcalendar ≫ Webcalendar Version0.9.30
Webcalendar ≫ Webcalendar Version0.9.31
Webcalendar ≫ Webcalendar Version0.9.32
Webcalendar ≫ Webcalendar Version0.9.33
Webcalendar ≫ Webcalendar Version0.9.34
Webcalendar ≫ Webcalendar Version0.9.35
Webcalendar ≫ Webcalendar Version0.9.36
Webcalendar ≫ Webcalendar Version0.9.37
Webcalendar ≫ Webcalendar Version0.9.38
Webcalendar ≫ Webcalendar Version0.9.39
Webcalendar ≫ Webcalendar Version0.9.40
Webcalendar ≫ Webcalendar Version0.9.41
Webcalendar ≫ Webcalendar Version0.9.42
Webcalendar ≫ Webcalendar Version0.9.43
Webcalendar ≫ Webcalendar Version0.9.44
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.63% | 0.73 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=110011618724455&w=2
http://secunia.com/advisories/13164
http://www.securityfocus.com/bid/11651
https://exchange.xforce.ibmcloud.com/vulnerabilities/18028