FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpicalendar -- file disclosure vulnerability

Affected packages
phpicalendar < 2.21

Details

VuXML ID f1f163ce-9e09-11da-b410-000e0c2e438a
Discovery 2006-02-08
Entry 2006-02-15

The phpicalendar team reports that there is an unspecified vulnerability within phpicalendar. This seems to be a file disclosure vulnerability caused by improper checking of the template parsing function. This would allow an attacker to disclose any file readable by the user under which the webserver runs.

References

URL http://phpicalendar.net/forums/viewtopic.php?t=396