Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0805

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-0805
Last Modified 05 Mar 2009 12:00:00
Published 04 Mar 2009 12:30:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0805

Summary

Cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier, a module for XOOPS, allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php.

Vulnerable Systems

Application

  • Mihai Bazon Pical 0.91h


References

CONFIRM - http://xoops.peak.ne.jp/md/news/index.php?page=article&storyid=476&easiestml_lang=xlang%3Aen

CONFIRM - http://xoops.peak.ne.jp/md/news/

BID - 33896

SECUNIA - 33986

JVNDB - JVNDB-2009-000013

JVN - JVN#91591874


Last Updated: 27 May 2016 10:50:22