3 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 TEMPLATEDIR parameter to a showinvoices.php, b showmonth.php, c showevents.php, d retrieveinvoice.php, e modifyitem.php, and f lookupuserid.php; ...
CVE-2006-5426
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter...
CVE-2006-5426
CVE-2006-5426 affects LoCal Calendar System 1.1. A vulnerability in the file lib/lcUser.php allows remote attackers to execute arbitrary PHP code via a URL supplied to the LIBDIR parameter, due to a remote file inclusion vulnerability. The CVE entry indicates this is a PHP RFI with potential impa...