Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2570


Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2570
Last Modified 07 Mar 2011 09:36:31
Published 24 May 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS["CLPath"] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue.

Vulnerable Systems


  • Calogic Calendars 1.2.2


BID - 18076

XF - calogic-reconfig-srxclr-file-include(26590)

MILW0RM - 1809

Last Updated: 27 May 2016 10:42:40