Multiple PHP remote file inclusion vulnerabilities in phpMyAgenda 3.0 Final and earlier allow remote attackers to execute arbitrary PHP code via a URL in the rootagenda parameter to (1) agendaplace.php3, (2) agendaplace2.php3, (3) infoevent.php3, and (4) agenda2.php3, different vectors than CVE-2006-2009.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpmyagenda | Phpmyagenda | * | 3.0_final (including) |