2 matches found
CVE-2012-1495
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.
CVE-2012-1496
Local file inclusion in WebCalendar before 1.2.5.