CVE-2004-1423

2004-12-31T05:00:00
ID CVE-2004-1423
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:30:00

Description

Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpc_root_path parameter to (1) includes/calendar.php or (2) includes/setup.php.