VULHUB ™

WebCalendar is a web application written in PHP and used to maintain a calendar for a single or multiple users. A vulnerability has been reported in WebCalendar that may allow attackers to view potentially sensitive information. Files containing configuration information are stored in the web root directory with '.inc' extensions. It may be possible for attackers to retrieve these files without processing by the PHP interpreter. This information can then be used to mount further attacks against a vulnerable system.

WebCalendar is a web application written in PHP and used to maintain a calendar for a single or multiple users. A vulnerability has been reported in WebCalendar that may allow attackers to view potentially sensitive information. Files containing configuration information are stored in the web root directory with '.inc' extensions. It may be possible for attackers to retrieve these files without processing by the PHP interpreter. This information can then be used to mount further attacks against a vulnerable system.