CVE-2005-2320

Published Jul 19, 2005
Last updated 16 years ago
Overview

Description: WebCalendar before 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote attackers to gain privileges.
Source: cve@mitre.org
NVD status: Analyzed
Hype score: Not currently trending
Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE2EABBA-AE17-44B6-9789-6E24D794A3A5"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25AD3E54-46F8-4DE0-86CE-D5D3FF079787"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3857C666-0421-4EC8-80F4-2A62D44A1DDB"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E9BB322-7C8F-4ACB-8809-2A96C0F9D65E"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C4AA766-E1FC-4AEA-A2C6-9998A395F978"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83918F72-9289-4C14-AC44-46A848DD0487"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B1BCC1F-3031-49CB-95EF-C733D0A24EEF"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAC57185-15AA-414B-9779-AF89170B9E85"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BCFF5B6-324C-43EC-AAF3-EBBA23C2C583"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7E93824-0B9A-4B6C-A60B-78942160DF92"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7D31CCF-3D1C-472F-B940-758A607111BC"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E2B148A-C41F-44C7-A044-002F25FA06C8"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B69D3BF4-E0CD-4844-BF5B-BBE5B9D989DD"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B73A4C5-4D6A-4CB8-9CB9-DFD038B869FE"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96780B29-70A4-41B9-BFAE-F6AE56526A17"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "206445B6-2D25-46B6-8ED2-32CEF068CD2A"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "576E931E-A40F-4087-B810-9BAA11464452"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1BFF736-D44F-4A13-A67E-1D3103F6DBF0"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F26E6E8-9EAB-4293-B12F-D81973C01447"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD49942E-171A-44E4-AE84-301F3E39B117"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0925C97E-E404-46A6-952A-BDF64D7EAF1A"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5611335-10FE-4040-AF02-A2C871DAF3A1"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CCFB394-8FA7-4076-8098-37D569829B31"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CB49B00-95CE-43A0-B64F-D2014692C7D4"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2809B65-50FC-4536-8A61-D8164EE99320"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FC47C91-B1FF-404B-8F73-37E325FCC566"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A232F7-49E3-49B6-951A-1048D71BCF03"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE65D8C-C531-4212-AEF6-003A869030FE"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.43:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F803CC2-7E5E-460B-95CA-33BD80DC1CF7"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.44:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2BE8F76-8C07-49BD-9E66-9790C0E8EDF7"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "900D9BF6-6CFE-4BD6-923B-3E5F6F5FC59A"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:0.9.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD15A765-60CC-4A0D-ADA3-8F6D1ABBE9EF"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:1.0.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8261B9D7-505A-48BB-9987-ED0B7F21630C"
          },
          {
            "criteria": "cpe:2.3:a:webcalendar:webcalendar:1.0.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0045C00A-1F7E-4533-AA56-6175AA916ACA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References
