Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Ocean12 ASP Calendar Manager Authentication Bypass Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
ASP Calendar Manager
by:
6.5
CVSS
MEDIUM
Authentication Bypass
287
CWE
Product Name: ASP Calendar Manager
Affected Version From: 01.01
Affected Version To: 01.01
Patch Exists: NO
Related CWE:
CPE: a:ocean12:asp_calendar_manager:1.01
Metasploit:
Other Scripts:
Platforms Tested: Windows

Ocean12 ASP Calendar Manager Authentication Bypass Vulnerability

The Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability due to an access validation error in the application. This allows an attacker to gain access to restricted data.

Mitigation:

It is recommended to update to the latest version of Ocean12 ASP Calendar Manager to mitigate this vulnerability. Alternatively, restrict access to the affected application from untrusted networks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15329/info

Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application.

The application does properly verify access privileges and allows the attacker to gain access to restricted data.

Version 1.01 is affected; other versions may also be vulnerable.

http://www.example.com/admin/view.asp

Navigation

Suggest Exploit

Services By CQR