This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
WebCalendar is proven vulnerable to a remote file inclusion
vulnerability. The send_reminders.php does not properly verify the
'includedir' parameter, giving remote attackers the possibility to
include local and remote files. These files can be used by the
attacker to gain access to the system.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : true