2 matches found
CVE-2007-2049
CVE-2007-2049 affects the Calendar Module (com_calendar) 1.5.5 in Mambo. The vulnerability arises from multiple PHP remote file inclusion flaws that allow an attacker to supply a URL via the absolute_path parameter to either com_calendar.php or mod_calendar.php, enabling remote code execution. NV...
CVE-2006-3843
The CVE-2006-3843 entry concerns a PHP remote file inclusion vulnerability in Calendar Mambo Module (com_calendar.php) up to version 1.5.7 and earlier. The identified flaw allows a remote attacker to execute arbitrary PHP code by supplying a URL in the absolute_path parameter. Affected software i...