install/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Webcalendar | Webcalendar_project | 1.0 | 1.0 |
Webcalendar | Webcalendar_project | 1.0 | 1.0 |
Webcalendar | Webcalendar_project | 1.0 | 1.0 |
Webcalendar | Webcalendar_project | 1.1.1 | 1.1.1 |
Webcalendar | Webcalendar_project | 1.1.2 | 1.1.2 |
Webcalendar | Webcalendar_project | 1.1.3 | 1.1.3 |
Webcalendar | Webcalendar_project | 1.1.4 | 1.1.4 |
Webcalendar | Webcalendar_project | 1.1.5 | 1.1.5 |
Webcalendar | Webcalendar_project | 1.1.6 | 1.1.6 |
Webcalendar | Webcalendar_project | 1.2 | 1.2 |
Webcalendar | Webcalendar_project | 1.2.0 | 1.2.0 |
Webcalendar | Webcalendar_project | 1.2.1 | 1.2.1 |
Webcalendar | Webcalendar_project | 1.2.2 | 1.2.2 |
Webcalendar | Webcalendar_project | 1.2.3 | 1.2.3 |
Webcalendar | Webcalendar_project | 1.2.4 | 1.2.4 |