PHP remote file inclusion vulnerability in panel/common/theme/default/header_setup.php in WebBiscuits Software Events Calendar 1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) path[docroot] and (2) component parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webbiscuits events calendar 1.1 |