[VIM] EasyPHPCalendar header.inc.php serverPath Variable Remote
File Inclusion (fwd)
Steven M. Christey
coley at linus.mitre.org
Mon Jul 25 18:02:07 EDT 2005
On Fri, 22 Jul 2005, security curmudgeon wrote:
> ---------- Forwarded message ----------
> From: Brian E. Nash <info at nashtech.net>
> To: moderators at osvdb.org
> Date: Fri, 22 Jul 2005 10:38:21 -0400
> Subject: [OSVDB Mods] [Change Request] 17732: EasyPHPCalendar header.inc.php
> serverPath Variable Remote File Inclusion
>
> The vulnerabilities have been addressed. Can you update your records that
> Version 6.2.8 and above are not at risk?
Interesting - he didn't include the CAN for this issue when he notified
CVE that he fixed CAN-2005-1144 and CAN-2005-1143. I'll follow up.
- Steve
More information about the VIM
mailing list