Vulnerabilities > CVE-2005-4327 - HTML Injection and Cross-Site Scripting vulnerability in WebCal
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the (1) function, (2) year, and (3) date parameters to webcal.cgi, (4) new calendar entries, and (5) notes for entries.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | WebCal 3.0 4 webcal.cgi Multiple Parameter XSS. CVE-2005-4327. Webapps exploit for cgi platform |
| id | EDB-ID:26865 |
| last seen | 2016-02-03 |
| modified | 2005-12-16 |
| published | 2005-12-16 |
| reporter | Stan Bubrouski |
| source | https://www.exploit-db.com/download/26865/ |
| title | WebCal 3.0 4 webcal.cgi Multiple Parameter XSS |