webcalendar: information disclosure
| Package(s): | webcalendar | CVE #(s): | CVE-2006-2247 | ||||
| Created: | May 15, 2006 | Updated: | May 17, 2006 | ||||
| Description: | David Maciejak noticed that webcalendar, a PHP-Based multi-user calendar, returns different error messages on login attempts for an invalid password and a non-existing user, allowing remote attackers to gain information about valid usernames. | ||||||
| Alerts: |
| ||||||