1
Candidate: CVE-2008-5967
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5967
6
admin/index.php in PHP iCalendar 2.3.4, 2.24, and earlier does not require
7
administrative authentication for an addupdate action, which allows remote
8
attackers to upload a calendar (aka .ics) file with arbitrary content to
9
the calendars/ directory outside the web root.
18
upstream_phpicalendar: needs-triage
19
dapper_phpicalendar: DNE
20
gutsy_phpicalendar: DNE
21
hardy_phpicalendar: DNE
22
intrepid_phpicalendar: needed (reached end-of-life)
23
jaunty_phpicalendar: ignored (reached end-of-life)
24
karmic_phpicalendar: DNE
25
lucid_phpicalendar: DNE
26
maverick_phpicalendar: DNE
27
devel_phpicalendar: DNE