[] NeoSense
E X P L O I T S
title author type platform port cve id

WebCalendar 1.0.1 - 'Layers_Toggle.php' HTTP Response Splitting

Author: lwang
type: webapps
platform: php
port: 
date_added: 2005-12-01 
date_updated: 2016-12-09 
verified: 1 
codes: CVE-2005-3982;OSVDB-21383 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comWebCalendar-1.0.1.zip
source: https://www.securityfocus.com/bid/15673/info

WebCalendar is prone to an HTTP response-splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust.

WebCalendar 1.0.1 is vulnerable; other versions may also be affected.

http://www.example.com/webcalendar/layers_toggle.php?status=on&ret=[url_redirect_to]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.