|
Description
|
|
Multiple vulnerabilities have been reported in LuxCal Web Calendar, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
1) Input passed to the "fName" parameter in dloader.php is not properly verified before being used to display files. This can be exploited to disclose the contents of certain files via directory traversal sequences.
2) An error due to the application not restricting access to "lcaldbc.dat" can be exploited to disclose sensitive information e.g. database credentials.
3) Input passed to the "cD" parameter in index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
4) The application does not properly restrict access to pages/phpinfo.php, which can be exploited to disclose certain system information.
The vulnerabilities are confirmed in version 2.7.0b. Prior versions may also be affected.
|
