VR Calendar Vulnerable to Path Traversal and PHP Local File Inclusion
CVE-2024-44013
7.5HIGH
What is CVE-2024-44013?
A vulnerabilities exists within VR Calendar developed by Innate Images LLC, specifically a Path Traversal issue that compromises file inclusion integrity. This flaw allows unauthorized access to local files via PHP Local File Inclusion, posing security risks to affected installations. The vulnerability impacts versions of VR Calendar from n/a up to 2.4.0, making it essential for users to identify and remediate the issue promptly to safeguard sensitive data and maintain operational security.
Affected Version(s)
VR Calendar <= 2.4.0