Описание
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
Ссылки
- Exploit
- ExploitVendor Advisory
- ExploitVendor Advisory
- Exploit
- Exploit
- ExploitVendor Advisory
- ExploitVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:light_weight_calendar:light_weight_calendar:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10246
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
EPSS
Процентиль: 93%
0.10246
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other