Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-1148
CVE-2005-1148
Description
calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information.
Affected products
3cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:calendarscript:calendarscript:3.21:*:*:*:*:*:*:*
- (no CPE)range: =3.21
Patches
Vulnerability mechanics
References
3- securitytracker.com/idnvdExploit
- www.snkenjoi.com/secadv/secadv3.txtnvdExploitVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/20102nvd
News mentions
0No linked articles in our index yet.