CVE-2012-5385
11.10.2012, 15:55
install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.Enginsight
| Vendor | Product | Version |
|---|---|---|
| webcalendar_project | webcalendar | 1.0:rc1 |
| webcalendar_project | webcalendar | 1.0:rc2 |
| webcalendar_project | webcalendar | 1.0:rc3 |
| webcalendar_project | webcalendar | 1.1.1 |
| webcalendar_project | webcalendar | 1.1.2 |
| webcalendar_project | webcalendar | 1.1.3 |
| webcalendar_project | webcalendar | 1.1.4 |
| webcalendar_project | webcalendar | 1.1.5 |
| webcalendar_project | webcalendar | 1.1.6 |
| webcalendar_project | webcalendar | 1.2:b1 |
| webcalendar_project | webcalendar | 1.2.0 |
| webcalendar_project | webcalendar | 1.2.1 |
| webcalendar_project | webcalendar | 1.2.2 |
| webcalendar_project | webcalendar | 1.2.3 |
| webcalendar_project | webcalendar | 1.2.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration