PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[βCLPathβ] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue.
CPE | Name | Operator | Version |
---|---|---|---|
calogic_calendars | eq | 1.2.2 |