Calendar Project
Approved changes feed: RSS · Atom
cpe:2.3:a:acal:calendar_project:2.2.5:*:*:*:*:*:*:*
part: a version: 2.2.5 update: *
| Vendor | Acal (f047f669-10e7-5cce-881c-67ad8206433d) |
|---|---|
| Product | Calendar Project (b993a37f-75fc-50d2-8998-fa6cf18f1d67) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2006-0183 |
vulnerable | 2026-06-03 14:27:15.389368 |
Details available
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via (1) the edit=header value, which modifies header.php, or (2) the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from the poor authentication as identified by CVE-2006-0182. Since the design of the product allows the administrator to edit the code, perhaps this issue should not be included in CVE, except as a consequence of CVE-2006-0182.
Published: 2006-01-12T11:00:00.000Z
Updated: 2024-08-07T16:25:34.030Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-0182 |
vulnerable | 2026-06-03 14:27:15.388984 |
Details available
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".
Published: 2006-01-12T11:00:00.000Z
Updated: 2024-08-07T16:25:33.895Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.