CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
82.2%
install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Vendor | Product | Version | CPE |
---|---|---|---|
webcalendar_project | webcalendar | 1.0 | cpe:2.3:a:webcalendar_project:webcalendar:1.0:rc1:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.0 | cpe:2.3:a:webcalendar_project:webcalendar:1.0:rc2:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.0 | cpe:2.3:a:webcalendar_project:webcalendar:1.0:rc3:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.1 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.1:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.2 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.2:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.3 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.3:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.4 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.4:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.5 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.5:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.1.6 | cpe:2.3:a:webcalendar_project:webcalendar:1.1.6:*:*:*:*:*:*:* |
webcalendar_project | webcalendar | 1.2 | cpe:2.3:a:webcalendar_project:webcalendar:1.2:b1:*:*:*:*:*:* |