Required CVE Record Information
Description
PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the v parameter.
References 4 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- exchange.xforce.ibmcloud.com: a4deskeventcalendar-index-file-include(45553) vdb-entryx_transferred
- secunia.com: 32083 third-party-advisoryx_transferred
- securityfocus.com: 31507 vdb-entryx_transferred
- http://packetstormsecurity.org/0809-exploits/a4deskphp-rfi.txt x_transferred