IDCVSSSummaryLast (major) updatePublished
CVE-2008-6736 6.4
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to (1) add new events via calAdd.php, as reachable from admin/add.php, or (2) delete events via admin/deleteEvent.php. NOTE: this is only
11-10-2018 - 20:57 21-04-2009 - 18:30
Back to Top Mark selected
Back to Top