CVE-2008-2836

NONE
Published Jun 24, 200818y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jun 24, 2008 18y ago
Last Modified Jun 16, 2026 2w ago

Description

PHP remote file inclusion vulnerability in send_reminders.php in WebCalendar 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter and a 0 value for the noSet parameter, a different vector than CVE-2007-1483.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-94 Improper Control of Generation of Code (Code Injection) Injection

Affected Products 1

VendorProductVersionRange
k5nwebcalendar1.0.4any

References 5

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.