FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371350
Date:      2014-10-22
Time:      08:54:58Z
Committer: matthew

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2b20fd5f-552e-11e1-9fb7-003067b2972cWebCalendar -- Persistent XSS

tom reports,

There is no sanitation on the input of the location variable allowing for persistent XSS.


Discovery 2012-01-11
Entry 2012-02-12
Modified 2012-02-13
WebCalendar
le 1.2.4

WebCalendar-devel
le 1.2.4

CVE-2012-0846
http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870
72999d57-d6f6-11db-961b-005056847b26WebCalendar -- "noSet" variable overwrite vulnerability

Secunia reports:

A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite certain variables, and allows e.g. the inclusion of arbitrary PHP files from internal or external resources.


Discovery 2007-03-04
Entry 2007-04-08
WebCalendar
lt 1.0.5

CVE-2007-1343
22834
http://sourceforge.net/project/shownotes.php?release_id=491130
http://xforce.iss.net/xforce/xfdb/32832
72999d57-d6f6-11db-961b-005056847b26WebCalendar -- "noSet" variable overwrite vulnerability

Secunia reports:

A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite certain variables, and allows e.g. the inclusion of arbitrary PHP files from internal or external resources.


Discovery 2007-03-04
Entry 2007-04-08
WebCalendar
lt 1.0.5

CVE-2007-1343
22834
http://sourceforge.net/project/shownotes.php?release_id=491130
http://xforce.iss.net/xforce/xfdb/32832
2b20fd5f-552e-11e1-9fb7-003067b2972cWebCalendar -- Persistent XSS

tom reports,

There is no sanitation on the input of the location variable allowing for persistent XSS.


Discovery 2012-01-11
Entry 2012-02-12
Modified 2012-02-13
WebCalendar
le 1.2.4

WebCalendar-devel
le 1.2.4

CVE-2012-0846
http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870