Описание
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jce-tech:php_calendars_script:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01264
Низкий
5 Medium
CVSS2
Дефекты
CWE-16
Связанные уязвимости
github
почти 4 года назад
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation.
EPSS
Процентиль: 79%
0.01264
Низкий
5 Medium
CVSS2
Дефекты
CWE-16