Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0206

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0206
Last Modified 05 Sep 2008 04:58:38
Published 13 Jan 2006 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0206

Summary

Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.

Vulnerable Systems

Application

  • Light Weight Calendar 1.0


References

BID - 16229

SECUNIA - 18450

MISC - http://evuln.com/vulns/29/summary.html

MISC - http://evuln.com/vulns/29/exploit.html

XF - lwc-cal-execute-code(24110)

OSVDB - 22376

VIM - 20060318 Source VERIFY - Light Weight Calendar issue is eval injection


Last Updated: 27 May 2016 10:41:34