install/index.php in Craig Knudsen WebCalendar prior to 1.2.5 allows remote malicious users to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webcalendar project webcalendar 1.2.2 |
||
webcalendar project webcalendar 1.2.0 |
||
webcalendar project webcalendar 1.1.1 |
||
webcalendar project webcalendar 1.0 |
||
webcalendar project webcalendar 1.2.4 |
||
webcalendar project webcalendar 1.2.3 |
||
webcalendar project webcalendar 1.1.6 |
||
webcalendar project webcalendar 1.1.5 |
||
webcalendar project webcalendar 1.1.4 |
||
webcalendar project webcalendar 1.1.3 |
||
webcalendar project webcalendar 1.2.1 |
||
webcalendar project webcalendar 1.2 |
||
webcalendar project webcalendar 1.1.2 |