CVE Vulnerabilities

CVE-2008-5840

Published: Jan 05, 2009 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.

Affected Software

Name Vendor Start Version End Version
Phpicalendar Phpicalendar * 2.24 (including)
Phpicalendar Phpicalendar 0.7 (including) 0.7 (including)
Phpicalendar Phpicalendar 0.8 (including) 0.8 (including)
Phpicalendar Phpicalendar 0.9 (including) 0.9 (including)
Phpicalendar Phpicalendar 0.9.5 (including) 0.9.5 (including)
Phpicalendar Phpicalendar 1.0 (including) 1.0 (including)
Phpicalendar Phpicalendar 1.1 (including) 1.1 (including)
Phpicalendar Phpicalendar 2.0-beta (including) 2.0-beta (including)
Phpicalendar Phpicalendar 2.0.1 (including) 2.0.1 (including)
Phpicalendar Phpicalendar 2.0c (including) 2.0c (including)
Phpicalendar Phpicalendar 2.1 (including) 2.1 (including)
Phpicalendar Phpicalendar 2.2 (including) 2.2 (including)
Phpicalendar Phpicalendar 2.21 (including) 2.21 (including)
Phpicalendar Phpicalendar 2.22 (including) 2.22 (including)
Phpicalendar Phpicalendar 2.23 (including) 2.23 (including)
Phpicalendar Phpicalendar 2.23-rc1 (including) 2.23-rc1 (including)
Phpicalendar2.0 Phpicalendar alpha_test (including) alpha_test (including)

References