Vulnerabilities > Phpicalendar

DATE	CVE	VULNERABILITY TITLE	RISK
2011-09-24	CVE-2011-3780	Information Exposure vulnerability in PHPicalendar PHP Icalendar 2.4 PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by rss/rss_common.php and certain other files. network low complexity phpicalendar CWE-200	5.0
2009-01-26	CVE-2008-5968	Path Traversal vulnerability in PHPicalendar Directory traversal vulnerability in print.php in PHP iCalendar 2.24 and earlier allows remote attackers to include and execute arbitrary local files via a .. network low complexity phpicalendar CWE-22	7.5
2009-01-26	CVE-2008-5967	Improper Authentication vulnerability in PHPicalendar admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require administrative authentication for an addupdate action, which allows remote attackers to upload a calendar (aka .ics) file with arbitrary content to the calendars/ directory outside the web root. network low complexity phpicalendar CWE-287	7.5
2009-01-05	CVE-2008-5840	Permissions, Privileges, and Access Controls vulnerability in PHPicalendar and PHPicalendar2.0 PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1. network low complexity phpicalendar CWE-264	7.5

Vulnerabilities > Phpicalendar {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpicalendar"}]}