CVE-2002-2065

2005-07-1404:00:00

mitre

www.cve.org

webcalendar

security flaw

remote attackers

arbitrary include files

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.9%

JSON

WebCalendar 0.9.34 and earlier with ‘browsing in includes directory’ enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root.

References

sourceforge.net/project/shownotes.php?group_id=3870&release_id=93295

www.iss.net/security_center/static/9296.php

www.securityfocus.com/bid/4961