FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
18dffa02-946a-11e1-be9d-000c29cc39d3WebCalendar -- multiple vulnerabilities

Hanno Boeck reports:

Fixes [are now available] for various security vulnerabilities including LFI (local file inclusion), XSS (cross site scripting) and others.


Discovery 2012-04-28
Entry 2012-05-02
WebCalendar-devel
le 1.2.4

CVE-2012-1495
CVE-2012-1496
http://packetstormsecurity.org/files/112332/WebCalendar-1.2.4-Remote-Code-Execution.html
http://packetstormsecurity.org/files/112323/WebCalendar-1.2.4-Pre-Auth-Remote-Code-Injection.html
http://archives.neohapsis.com/archives/bugtraq/2012-04/0182.html
2b20fd5f-552e-11e1-9fb7-003067b2972cWebCalendar -- Persistent XSS

tom reports,

There is no sanitation on the input of the location variable allowing for persistent XSS.


Discovery 2012-01-11
Entry 2012-02-12
Modified 2012-02-13
WebCalendar
le 1.2.4

WebCalendar-devel
le 1.2.4

CVE-2012-0846
http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870