VYPR
Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026

CVE-2005-1148

CVE-2005-1148

Description

calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters, which leaks the full pathname and debug information.

Affected products

3
  • cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*
    • cpe:2.3:a:calendarscript:calendarscript:3.21:*:*:*:*:*:*:*
    • (no CPE)range: =3.21

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.