Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the phpicalendar[cookie_language] and phpicalendar[cookie_style] cookies, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included by day.php.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Php_icalendar | Php_icalendar | 2.0b | 2.0b |
| Php_icalendar | Php_icalendar | 2.0 | 2.0 |
| Php_icalendar | Php_icalendar | 2.0a2 | 2.0a2 |
| Php_icalendar | Php_icalendar | 2.0.1 | 2.0.1 |
| Php_icalendar | Php_icalendar | * | 2.2.1 |
| Php_icalendar | Php_icalendar | 2.1 | 2.1 |
| Php_icalendar | Php_icalendar | 2.0c | 2.0c |