Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6356


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-6356
Last Modified 07 Mar 2011 10:16:12
Published 02 Mar 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



evCal Events Calendar stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to (1) evcal.mdb and (2) evcal97.mdb.

Vulnerable Systems


  • Donnafontenot Evcal Events Calendar -


XF - evcaleventscalendar-evcal-security-bypass(47265)

MILW0RM - 7419

SECUNIA - 34258

XF - evcaleventscal-multiple-info-disclosure(47265)

Last Updated: 27 May 2016 10:49:59