High severity7.5NVD Advisory· Published Aug 31, 2017· Updated Jun 17, 2026
CVE-2014-8675
CVE-2014-8675
Description
Soplanning 1.32 and earlier generates static links for sharing ICAL calendars with embedded login information, which allows remote attackers to obtain a calendar owner's password via a brute-force attack on the embedded password hash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:*range: <=1.32
- (no CPE)range: <=1.32
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/132654/Simple-Online-Planning-Tool-1.3.2-XSS-SQL-Injection-Traversal.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2015/Jul/44nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/75726nvdThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/37604/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.