Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-1508

init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_inc parameter.

2004-12-31T05:00:00.000

2025-04-03T01:03:51.193

Deferred

CVSSv2: 7.5 (HIGH)

AV:N/AC:L/Au:N/C:P/I:P/A:P

10.0

6.4

Type	Vendor	Product	Version/Range	Vulnerable?
Application	webcalendar	webcalendar	0.9.8	Yes
Application	webcalendar	webcalendar	0.9.11	Yes
Application	webcalendar	webcalendar	0.9.15	Yes
Application	webcalendar	webcalendar	0.9.16	Yes
Application	webcalendar	webcalendar	0.9.19	Yes
Application	webcalendar	webcalendar	0.9.20	Yes
Application	webcalendar	webcalendar	0.9.21	Yes
Application	webcalendar	webcalendar	0.9.22	Yes
Application	webcalendar	webcalendar	0.9.23	Yes
Application	webcalendar	webcalendar	0.9.24	Yes
Application	webcalendar	webcalendar	0.9.25	Yes
Application	webcalendar	webcalendar	0.9.26	Yes
Application	webcalendar	webcalendar	0.9.27	Yes
Application	webcalendar	webcalendar	0.9.28	Yes
Application	webcalendar	webcalendar	0.9.29	Yes
Application	webcalendar	webcalendar	0.9.30	Yes
Application	webcalendar	webcalendar	0.9.31	Yes
Application	webcalendar	webcalendar	0.9.32	Yes
Application	webcalendar	webcalendar	0.9.33	Yes
Application	webcalendar	webcalendar	0.9.34	Yes
Application	webcalendar	webcalendar	0.9.35	Yes
Application	webcalendar	webcalendar	0.9.36	Yes
Application	webcalendar	webcalendar	0.9.37	Yes
Application	webcalendar	webcalendar	0.9.38	Yes
Application	webcalendar	webcalendar	0.9.39	Yes
Application	webcalendar	webcalendar	0.9.40	Yes
Application	webcalendar	webcalendar	0.9.41	Yes
Application	webcalendar	webcalendar	0.9.42	Yes
Application	webcalendar	webcalendar	0.9.43	Yes
Application	webcalendar	webcalendar	0.9.44	Yes