FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpicalendar -- file disclosure vulnerability

Affected packages
phpicalendar < 2.21


VuXML ID f1f163ce-9e09-11da-b410-000e0c2e438a
Discovery 2006-02-08
Entry 2006-02-15

The phpicalendar team reports that there is an unspecified vulnerability within phpicalendar. This seems to be a file disclosure vulnerability caused by improper checking of the template parsing function. This would allow an attacker to disclose any file readable by the user under which the webserver runs.