2 matches found
Light Weight Calendar index.php date Parameter PHP Code Execution - Ver2 (CVE-2006-0206)
A code execution vulnerability has been reported in Light Weight Calendar. The vulnerability is due to the application does not validating the 'date' variable upon submission to the 'index.php' script. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...
CVE-2006-0206
CVE-2006-0206 affects Light Weight Calendar (LWC) 1.0 (20040909) and earlier. The vulnerability is an eval injection: the date parameter submitted to index.php via cal.php is included and can be exploited to execute arbitrary PHP code on the server. This is a remote code execution issue. Connecte...