CVE-2005-2717

Name of the Vulnerable Software and Affected Versions WebCalendar versions prior to 1.0.1

Description A remote file inclusion issue allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send reminders.php or other scripts.

Recommendations For versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the settings.php and send reminders.php scripts until a patch is applied.