CVE-2005-1148 Information

Description

calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via invalid (1) year or (2) month parameters which leaks the full pathname and debug information.

Reference

http://securitytracker.com/id?1013705 http://www.snkenjoi.com/secadv/secadv3.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/20102