CVE-2005-1147 Information

Description

calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via invalid (1) calendar or (2) template parameters which leaks the full pathname and debug information.

Reference

http://securitytracker.com/id?1013705 http://www.osvdb.org/15546 http://www.snkenjoi.com/secadv/secadv3.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/20102