CVE-2005-1864

Properties

Published:
08.06.2005
Updated:
27.09.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
Vincent Hor: Calendarix Advanced

Vulnerability description

PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter.

References:

BUGTRAQ: http://archives.neohapsis.com/archives/bugtraq/2005-05/0356.html
SECTRACK: http://securitytracker.com/alerts/2005/May/1014083.html