Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1 logs failed passwords, which might allow malicious users to infer correct passwords from the log file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codewalkers ltwcalendar 4.2 |
||
codewalkers ltwcalendar 4.1.3 |