FreeBSD : WebCalendar -- remote file inclusion vulnerability (60f8fe7b-3cfb-11da-baa2-0004614cc33d)
High Nessus Plugin ID 21436
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionWebCalendar is proven vulnerable to a remote file inclusion vulnerability. The send_reminders.php does not properly verify the 'includedir' parameter, giving remote attackers the possibility to include local and remote files. These files can be used by the attacker to gain access to the system.
SolutionUpdate the affected package.