CVE-2003-0737

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpwebsite:phpwebsite:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=106062021711496&w=2 - () http://marc.info/?l=bugtraq&m=106062021711496&w=2 -
References () http://marc.info/?l=bugtraq&m=106252188522715&w=2 - () http://marc.info/?l=bugtraq&m=106252188522715&w=2 -

Information

Published : 2003-10-20 04:00

Updated : 2024-11-20 23:45


NVD link : CVE-2003-0737

Mitre link : CVE-2003-0737

CVE.ORG link : CVE-2003-0737


JSON object : View

Products Affected

phpwebsite

  • phpwebsite