[41431] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: WebCalendar Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Wed Nov 30 15:15:32 2005

Date: Tue, 29 Nov 2005 21:04:21 -0500 (EST)
From: Paul Laudanski <zx@castlecops.com>
To: ascii <ascii@katamail.com>
Cc: full-disclosure@lists.grok.org.uk, <ml@sikurezza.org>,
        <bugtraq@securityfocus.com>, <news@securiteam.com>,
        <bugs@securitytracker.com>, <vuln@secunia.com>
In-Reply-To: <438B349A.8070708@katamail.com>
Message-ID: <Pine.LNX.4.44.0511292102400.15585-100000@bugsbunny.castlecops.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Mon, 28 Nov 2005, ascii wrote:

>   Name              Multiple Vulnerabilities in WebCalendar
>   Systems Affected  WebCalendar (verified on 1.0.1)
>   Severity          Medium Risk
>   Vendor            www.k5n.us/webcalendar.php?topic=About
>   Advisory
>    http://www.ush.it/team/ascii/hack-WebCalendar/advisory.txt
> 
> WebCalendar is vulnerable to four SQL Injection (files activity_log.php,
> admin_handler.php, edit_template.php and export_handler.php) and one
> local file overwrite (export_handler.php), input validation will fix.

I too tried contacting the vendor but received no response.  Your timing 
of vendor notice and vul'n release are fast unfortunately.  Taking a look, 
simple functions in PHP can be called upon to fix those issues.

Thanks for reporting them.

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41431] in bugtraq

Re: WebCalendar Multiple Vulnerabilities

daemon@ATHENA.MIT.EDU (Paul Laudanski)Wed Nov 30 15:15:32 2005

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Wed Nov 30 15:15:32 2005