7.5
CVE-2004-1508
- EPSS 0.87%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Logininit.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webcalendar ≫ Webcalendar Version0.9.8
Webcalendar ≫ Webcalendar Version0.9.11
Webcalendar ≫ Webcalendar Version0.9.15
Webcalendar ≫ Webcalendar Version0.9.16
Webcalendar ≫ Webcalendar Version0.9.19
Webcalendar ≫ Webcalendar Version0.9.20
Webcalendar ≫ Webcalendar Version0.9.21
Webcalendar ≫ Webcalendar Version0.9.22
Webcalendar ≫ Webcalendar Version0.9.23
Webcalendar ≫ Webcalendar Version0.9.24
Webcalendar ≫ Webcalendar Version0.9.25
Webcalendar ≫ Webcalendar Version0.9.26
Webcalendar ≫ Webcalendar Version0.9.27
Webcalendar ≫ Webcalendar Version0.9.28
Webcalendar ≫ Webcalendar Version0.9.29
Webcalendar ≫ Webcalendar Version0.9.30
Webcalendar ≫ Webcalendar Version0.9.31
Webcalendar ≫ Webcalendar Version0.9.32
Webcalendar ≫ Webcalendar Version0.9.33
Webcalendar ≫ Webcalendar Version0.9.34
Webcalendar ≫ Webcalendar Version0.9.35
Webcalendar ≫ Webcalendar Version0.9.36
Webcalendar ≫ Webcalendar Version0.9.37
Webcalendar ≫ Webcalendar Version0.9.38
Webcalendar ≫ Webcalendar Version0.9.39
Webcalendar ≫ Webcalendar Version0.9.40
Webcalendar ≫ Webcalendar Version0.9.41
Webcalendar ≫ Webcalendar Version0.9.42
Webcalendar ≫ Webcalendar Version0.9.43
Webcalendar ≫ Webcalendar Version0.9.44
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.87% | 0.731 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|