WebCalendar 0.9.34 and previous versions with 'browsing in includes directory' enabled allows remote malicious users to read arbitrary include files with .inc extensions from the web root.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webcalendar webcalendar 0.9.31 |
||
webcalendar webcalendar 0.9.32 |
||
webcalendar webcalendar 0.9.34 |
||
webcalendar webcalendar 0.9.33 |