WebCalendar多个远程漏洞

WebCalendar的validate.php存在漏洞。远程攻击者借助无效的encoded_login参数获取敏感信息，该漏洞在出错信息中泄露了完整路径。

It is reported that some, or all of these issues have been corrected in the CVS versions of the package. This has not been confirmed.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .
@securityfocus.com>

来源: XF
名称: webcalendar-encodedlogin-path-disclosure(18029)
链接:http://xforce.iss.net/xforce/xfdb/18029

来源: BID
名称: 11651
链接:http://www.securityfocus.com/bid/11651

来源: SECUNIA
名称: 13164
链接:http://secunia.com/advisories/13164

来源: BUGTRAQ
名称: 20041109 Multiple Vulnerabilities in WebCalendar
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=110011618724455&w=2