Remote File Inclusion Vulnerability in TeamCal Pro by TeamCal
CVE-2006-4845

Currently unrated

Key Information:

Vendor: George Lewe
Status: Teamcal Pro
Vendor: CVE Published:; 19 September 2006

Summary

The PHP remote file inclusion vulnerability in TeamCal Pro affects versions 2.8.001 and earlier. This flaw allows attackers to exploit the tc_config[app_root] parameter to execute arbitrary PHP code on the affected server. If successfully exploited, this vulnerability can lead to compromised web applications and unauthorized access to sensitive information.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/28956

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2006/3630

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/20036

vdb-entryx_refsource_BID

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 19, 2006
Vulnerability Reserved
Sep 18, 2006