Security vulnerabilities announced
Brought to you by:
cknudsen
Please see advisories in following URLs:
http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-PHP-CODE-INJECTION.txt
http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-CSRF-PROTECTION-BYPASS.txt
These should be fixed as soon as possible.