3 matches found
PHP-Calendar 0.10.1 - Arbitrary File Inclusion
PHP-Calendar 0.10.1 - Arbitrary File Inclusion PHP-Calendar Arbitrary File Inclusion Vendor: Sean Proctor Product: PHP-Calendar Version: = 0.10.1 Website: http://php-calendar.sourceforge.net/ BID: 12127 CVE: CVE-2004-1423 OSVDB: 12700 12701 SECUNIA: 22516 PACKETSTORM: 35563 Description: I was...
CVE-2004-1423
Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office VLO and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpcrootpath parameter to 1 includes/calendar.ph...
CVE-2004-1423
PHP-Calendar (Sean Proctor) before 0.10.1 contains multiple remote file inclusion flaws. The vulnerability is triggered by a URL in the phpc_root_path parameter to includes/calendar.php or includes/setup.php, allowing remote attackers to execute arbitrary PHP code. Affected product: PHP-Calendar;...