CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequences via the return_path parameter and perform HTTP Response Splitting attacks to modify expected HTML content from the server.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Webcalendar | Webcalendar | 0.9.8 (including) | 0.9.8 (including) |
Webcalendar | Webcalendar | 0.9.11 (including) | 0.9.11 (including) |
Webcalendar | Webcalendar | 0.9.15 (including) | 0.9.15 (including) |
Webcalendar | Webcalendar | 0.9.16 (including) | 0.9.16 (including) |
Webcalendar | Webcalendar | 0.9.19 (including) | 0.9.19 (including) |
Webcalendar | Webcalendar | 0.9.20 (including) | 0.9.20 (including) |
Webcalendar | Webcalendar | 0.9.21 (including) | 0.9.21 (including) |
Webcalendar | Webcalendar | 0.9.22 (including) | 0.9.22 (including) |
Webcalendar | Webcalendar | 0.9.23 (including) | 0.9.23 (including) |
Webcalendar | Webcalendar | 0.9.24 (including) | 0.9.24 (including) |
Webcalendar | Webcalendar | 0.9.25 (including) | 0.9.25 (including) |
Webcalendar | Webcalendar | 0.9.26 (including) | 0.9.26 (including) |
Webcalendar | Webcalendar | 0.9.27 (including) | 0.9.27 (including) |
Webcalendar | Webcalendar | 0.9.28 (including) | 0.9.28 (including) |
Webcalendar | Webcalendar | 0.9.29 (including) | 0.9.29 (including) |
Webcalendar | Webcalendar | 0.9.30 (including) | 0.9.30 (including) |
Webcalendar | Webcalendar | 0.9.31 (including) | 0.9.31 (including) |
Webcalendar | Webcalendar | 0.9.32 (including) | 0.9.32 (including) |
Webcalendar | Webcalendar | 0.9.33 (including) | 0.9.33 (including) |
Webcalendar | Webcalendar | 0.9.34 (including) | 0.9.34 (including) |
Webcalendar | Webcalendar | 0.9.35 (including) | 0.9.35 (including) |
Webcalendar | Webcalendar | 0.9.36 (including) | 0.9.36 (including) |
Webcalendar | Webcalendar | 0.9.37 (including) | 0.9.37 (including) |
Webcalendar | Webcalendar | 0.9.38 (including) | 0.9.38 (including) |
Webcalendar | Webcalendar | 0.9.39 (including) | 0.9.39 (including) |
Webcalendar | Webcalendar | 0.9.40 (including) | 0.9.40 (including) |
Webcalendar | Webcalendar | 0.9.41 (including) | 0.9.41 (including) |
Webcalendar | Webcalendar | 0.9.42 (including) | 0.9.42 (including) |
Webcalendar | Webcalendar | 0.9.43 (including) | 0.9.43 (including) |
Webcalendar | Webcalendar | 0.9.44 (including) | 0.9.44 (including) |