CVE-2008-6103

2009-02-1018:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.028

Percentile

90.8%

JSON

PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the v parameter.

References

packetstormsecurity.org/0809-exploits/a4deskphp-rfi.txt

secunia.com/advisories/32083

www.securityfocus.com/bid/31507

exchange.xforce.ibmcloud.com/vulnerabilities/45553