phpicalendar -- file disclosure vulnerability

2006-02-08T00:00:00
ID F1F163CE-9E09-11DA-B410-000E0C2E438A
Type freebsd
Reporter FreeBSD
Modified 2006-02-08T00:00:00

Description

The phpicalendar team reports that there is an unspecified vulnerability within phpicalendar. This seems to be a file disclosure vulnerability caused by improper checking of the template parsing function. This would allow an attacker to disclose any file readable by the user under which the webserver runs.