QwikSec

Security Database

CVE

CWE

Training

CVE-2006-3041

Published: Jun 15, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltw_config[include_dir] parameter. NOTE: CVE disputes this claim, since the $ltw_config[include_dir] variable is defined as a static value in an include file before it is referenced in an include() statement

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SREASON

20060615 Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities

mailing-list

x_refsource_VIM

vdb-entry

x_refsource_OSVDB

20060613 Ltwcalendar 4.1.3 version - Remote File Include Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.