| Max CVSS | 7.5 | Min CVSS | 6.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-0183 | 6.5 |
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via (1) the edit=header value, which modifies header.php, or (2) the edit=footer value, which modifies foot
|
19-10-2018 - 15:43 | 12-01-2006 - 06:02 | |
| CVE-2006-0182 | 7.5 |
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".
|
19-10-2018 - 15:43 | 12-01-2006 - 06:02 |