Vulnerabilities > CVE-2004-1506 - Unspecified vulnerability in Webcalendar

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

webcalendar

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags.

Vulnerable Configurations

Part	Description	Count
Application	Webcalendar Webcalendar Webcalendar 0.9.16 Webcalendar Webcalendar 0.9.28 Webcalendar Webcalendar 0.9.39 Webcalendar Webcalendar 0.9.15 Webcalendar Webcalendar 0.9.38 Webcalendar Webcalendar 0.9.34 Webcalendar Webcalendar 0.9.44 Webcalendar Webcalendar 0.9.20 Webcalendar Webcalendar 0.9.37 Webcalendar Webcalendar 0.9.21 Webcalendar Webcalendar 0.9.22 Webcalendar Webcalendar 0.9.29 Webcalendar Webcalendar 0.9.11 Webcalendar Webcalendar 0.9.23 Webcalendar Webcalendar 0.9.24 Webcalendar Webcalendar 0.9.31 Webcalendar Webcalendar 0.9.25 Webcalendar Webcalendar 0.9.42 Webcalendar Webcalendar 0.9.8 Webcalendar Webcalendar 0.9.26 Webcalendar Webcalendar 0.9.43 Webcalendar Webcalendar 0.9.19 Webcalendar Webcalendar 0.9.27 Webcalendar Webcalendar 0.9.36 Webcalendar Webcalendar 0.9.30 Webcalendar Webcalendar 0.9.32 Webcalendar Webcalendar 0.9.33 Webcalendar Webcalendar 0.9.40 Webcalendar Webcalendar 0.9.41 Webcalendar Webcalendar 0.9.35	30

Summary

Vulnerable Configurations

References