WebCalendar 1.1.5 released to address vulnerability

WebCalendar is a PHP application used to maintain a calendar for a single user or an intranet group of users. It can also be configured as an event calendar.

WebCalendar 1.1.5 has been released. This release fixes an exploit recently discovered that can allow malicious users to install files on your server. All users of versions 1.1.2, 1.1.3 and 1.1.4 should update to 1.1.5 to fix this issue.

The update can be downloaded from SourceForge at:

http://sourceforge.net/project/showfiles.php?group_id=3870&package_id=203997

Note: WebCalendar 1.0.5 users are not vulnerable to this exploit.

Posted by Craig Knudsen 2007-09-13