Information Disclosure in CalendarScript 3.20 via Invalid Parameters
CVE-2005-1147 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via invalid (1) calendar or (2) template parameters, which leaks the full pathname and debug information.
Learn more about our Web Application Penetration Testing UK.