2 matches found
CVE-2006-0206
CVE-2006-0206 affects Light Weight Calendar (LWC) 1.0 (20040909) and earlier. The vulnerability is an eval injection: the date parameter submitted to index.php via cal.php is included and can be exploited to execute arbitrary PHP code on the server. This is a remote code execution issue. Connecte...
CVE-2006-1252
CVE-2006-1252 affects Light Weight Calendar (LWC) 1.0, where an eval injection in cal.php allows remote attackers to execute arbitrary PHP code via the date parameter to index.php. This is a remote code execution vulnerability with CVSSv2 base score 7.5 (HIGH) and network attack vector with no au...