Vulnerabilities > Circulargenius
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-04-21 | CVE-2008-6736 | Permissions, Privileges, and Access Controls vulnerability in Circulargenius Flat Calendar 1.1 Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to (1) add new events via calAdd.php, as reachable from admin/add.php, or (2) delete events via admin/deleteEvent.php. | 6.4 |