// For flags

CVE-2005-4657

Ocean12 ASP Calendar Manager 1.0 - Authentication Bypass

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-11-04 First Exploit
  • 2005-12-31 CVE Published
  • 2006-01-16 CVE Reserved
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (2)
URL Tag Source
URL Date SRC
https://www.exploit-db.com/exploits/26473 2005-11-04
http://www.securityfocus.com/bid/15329 2024-09-16
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ocean12 Technologies
Search vendor "Ocean12 Technologies"
 Calendar Manager Pro
Search vendor "Ocean12 Technologies" for product "Calendar Manager Pro"
 1.01
Search vendor "Ocean12 Technologies" for product "Calendar Manager Pro" and version "1.01"
-
Affected