CVE-2025-25224

Published: 2025-02-18T01:15Z

Last Modified: 2025-02-18T01:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a missing authentication vulnerability in dloader.php. If this vulnerability is exploited, arbitrary files on a server may be obtained. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt