Unrated severityNVD Advisory· Published Oct 20, 2003· Updated Jun 16, 2026
CVE-2003-0737
CVE-2003-0737
Description
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.
Affected products
2cpe:2.3:a:phpwebsite:phpwebsite:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpwebsite:phpwebsite:*:*:*:*:*:*:*:*range: <=0.9.0
- (no CPE)range: <=0.9.x
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.