Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and previous versions allows remote malicious users to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
light weight calendar light weight calendar 1.0 |