CVE-2006-1291

PHP iCalendar <2.21 - RCE

Title source: llm

Description

publish.ical.php in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier does not require authentication for write access to the calendars directory, which allows remote attackers to upload and execute arbitrary PHP scripts via a WebDAV PUT request with a filename containing a .php extension and a trailing null character.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1586

View Code ZIP pw:eip

References (5)

[Exploit] http://downloads.securityfocus.com/vulnerabilities/exploits/php-iCalendar-221.upload.php

[Third Party Advisory] http://secunia.com/advisories/19285

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/1586

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1019

[Exploit] http://www.securityfocus.com/bid/17129

Scores

EPSS 0.0523

EPSS Percentile 90.0%

Details

Status published

Products (7)

php_icalendar/php_icalendar 2.0

php_icalendar/php_icalendar 2.0.1

php_icalendar/php_icalendar 2.0a2

php_icalendar/php_icalendar 2.0b

php_icalendar/php_icalendar 2.0c

php_icalendar/php_icalendar 2.1

php_icalendar/php_icalendar < 2.2.1

Published Mar 19, 2006

Tracked Since Feb 18, 2026