|
|
CVE Reference: CVE-2006-2762 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2762 |
|
|
Description: PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a user_inc setting that is used in an include_once call. |
|
|
CVE Status: Candidate |
|
|
References: ST 1016179 SREASON http://securityreason.com/securityalert/1019 SAID Secunia Advisory: SA20367 Secunia Advisory: SA20542 OSVDB 25842 DEBIAN http://www.debian.org/security/2006/dsa-1096 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/436263/100/0/threaded http://www.securityfocus.com/archive/1/435379 BID 18175 |
|
| Return to the previous page. |
