Ltwcalendar Security Vulnerabilities and Issues — Ltwcalendar CVE List

Lucene search

CodewalkersLtwcalendar

2 matches found

CVE•added 2005/12/05 11:3 a.m.•39 views

CVE-2005-4011

SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

7.5CVSS8.9AI score0.01817EPSS

CVE•added 2006/06/15 10:2 a.m.•27 views

CVE-2006-3041

PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltw_config[include_dir] parameter. NOTE: CVE disputes this claim, since the $ltw_config[include_dir] variable is defined as a s...

7.5CVSS7.9AI score0.00741EPSS