CVE Vulnerabilities

CVE-2012-5385

Published: Oct 11, 2012 | Modified: Jan 29, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.

Affected Software

Name Vendor Start Version End Version
Webcalendar Webcalendar_project 1.0 1.0
Webcalendar Webcalendar_project 1.0 1.0
Webcalendar Webcalendar_project 1.0 1.0
Webcalendar Webcalendar_project 1.1.1 1.1.1
Webcalendar Webcalendar_project 1.1.2 1.1.2
Webcalendar Webcalendar_project 1.1.3 1.1.3
Webcalendar Webcalendar_project 1.1.4 1.1.4
Webcalendar Webcalendar_project 1.1.5 1.1.5
Webcalendar Webcalendar_project 1.1.6 1.1.6
Webcalendar Webcalendar_project 1.2 1.2
Webcalendar Webcalendar_project 1.2.0 1.2.0
Webcalendar Webcalendar_project 1.2.1 1.2.1
Webcalendar Webcalendar_project 1.2.2 1.2.2
Webcalendar Webcalendar_project 1.2.3 1.2.3
Webcalendar Webcalendar_project 1.2.4 1.2.4

References