2 matches found
CVE-2006-2570
CaLogic Calendars 1.2.2 is affected by a PHP remote file inclusion via the GLOBALS["CLPath"] parameter in reconfig.php and srxclr.php, due to a globals overwrite issue. This allows remote attackers to execute arbitrary PHP code. Affected files/functions are specific to CaLogic Calendars; no patch...
CVE-2006-2570
PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS"CLPath" parameter to 1 reconfig.php and 2 srxclr.php. NOTE: this might be due to a globals overwrite issue...