CVE-2004-1510

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-1510
WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_entry.php or (2) upcoming.php.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://marc.info/?l=bugtraq&m=110011618724455&w=2
http://secunia.com/advisories/13164 Vendor Advisory
http://www.securityfocus.com/bid/11651 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/18030
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:webcalendar:webcalendar:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.19:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.20:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.21:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.22:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.23:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.24:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.25:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.26:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.27:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.28:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.29:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.30:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.31:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.32:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.33:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.34:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.35:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.36:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.37:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.38:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.39:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.40:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.41:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.42:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.43:*:*:*:*:*:*:*
cpe:2.3:a:webcalendar:webcalendar:0.9.44:*:*:*:*:*:*:*
History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2017-07-11 01:31

NVD link : CVE-2004-1510

Mitre link : CVE-2004-1510

CVE.ORG link : CVE-2004-1510

JSON object : View

Products Affected

webcalendar

  • webcalendar
CWE
NVD-CWE-Other