CVE-2002-2065 Information

Description

WebCalendar 0.9.34 and earlier with ‘browsing in includes directory’ enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root.

Reference

http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=93295 http://www.iss.net/security_center/static/9296.php http://www.securityfocus.com/bid/4961