The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
References
Configurations
History
20 Nov 2024, 23:45
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=106062021711496&w=2 - | |
References | () http://marc.info/?l=bugtraq&m=106252188522715&w=2 - |
Information
Published : 2003-10-20 04:00
Updated : 2024-11-20 23:45
NVD link : CVE-2003-0737
Mitre link : CVE-2003-0737
CVE.ORG link : CVE-2003-0737
JSON object : View
Products Affected
phpwebsite
- phpwebsite
CWE