Common Vulnerabilities and Exposures assigned an identifier CVE-2011-3814 to
the following vulnerability:
WebCalendar 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain other files.
This issue affects the versions of the WebCalendar package, as shipped with Fedora release of 14 and 15. Please schedule an update.
Created WebCalendar tracking bugs for this issue
Affects: fedora-all [bug 741290]
WebCalendar-1.2.3-5.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
WebCalendar-1.2.3-5.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.