The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-09-04T04:00:00
Updated: 2024-08-08T02:05:12.304Z
Reserved: 2003-09-03T00:00:00
Link: CVE-2003-0737
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-10-20T04:00:00.000
Modified: 2024-11-20T23:45:24.663
Link: CVE-2003-0737
Redhat
No data.