CVE-2006-1922
CVE-2006-1922 concerns TotalCalendar: PHP remote file inclusion in TotalCalendar’s about.php and auth.php via inc_dir. The root cause is improper handling of the inc_dir URL parameter, allowing arbitrary PHP code execution if an attacker supplies a crafted URL. Affected software is TotalCalendar ...