| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1483 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in WebCalendar 0.9.45 allow remote attackers to execute arbitrary PHP code via a URL in the includedir parameter to (1) login.php, (2) get_reminders.php, or (3) get_events.php.
|
16-10-2018 - 16:38 | 16-03-2007 - 21:19 | |
| CVE-2008-2836 | 7.5 |
PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-148
|
29-09-2017 - 01:31 | 24-06-2008 - 19:41 | |
| CVE-2007-1343 | 7.5 |
includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, wh
|
29-07-2017 - 01:30 | 08-03-2007 - 22:19 |