Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Sweetphp Subscribe
Filtered by product Totalcalender
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-4929 1 Sweetphp 1 Totalcalender 2017-09-18 7.5 HIGH N/A
admin/manage_users.php in TotalCalendar 2.4 does not require administrative authentication, which allows remote attackers to change arbitrary passwords via the newPW1 and newPW2 parameters.