Unrated severityNVD Advisory· Published Apr 21, 2009· Updated Jun 16, 2026
CVE-2008-6736
CVE-2008-6736
Description
Flat Calendar 1.1 does not properly restrict access to administrative functions, which allows remote attackers to (1) add new events via calAdd.php, as reachable from admin/add.php, or (2) delete events via admin/deleteEvent.php. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's security documentation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:circulargenius:flat_calendar:1.1:*:*:*:*:*:*:*
- Range: <1.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.