7.9 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.128 Low
EPSS
Percentile
95.5%
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
CPE | Name | Operator | Version |
---|---|---|---|
light_weight_calendar:light_weight_calendar | light weight calendar | eq | 1.0 |
attrition.org/pipermail/vim/2006-March/000612.html
evuln.com/vulns/29/exploit.html
evuln.com/vulns/29/summary.html
secunia.com/advisories/18450
www.osvdb.org/22376
www.securityfocus.com/archive/1/421920
www.securityfocus.com/bid/16229
www.vupen.com/english/advisories/2006/0171
exchange.xforce.ibmcloud.com/vulnerabilities/24110