Unrated severityNVD Advisory· Published Dec 4, 2005· Updated Apr 16, 2026

CVE-2005-3982

Description

CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests.

Affected products

Webcalendar/Webcalendar
cpe:2.3:a:webcalendar:webcalendar:1.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17848nvdPatchVendor Advisory
secunia.com/advisories/19240nvdPatchVendor Advisory
www.debian.org/security/2006/dsa-1002nvdPatchVendor Advisory
vd.lwang.org/webcalendar_multiple_vulns.txtnvd
www.osvdb.org/21383nvd
www.securityfocus.com/archive/1/418286/100/0/threadednvd
www.securityfocus.com/bid/15673nvd
www.vupen.com/english/advisories/2005/2702nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000