cve/2003/CVE-2003-0737.md

### [CVE-2003-0737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0737)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.

### POC

#### Reference
- http://marc.info/?l=bugtraq&m=106062021711496&w=2

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2003-0737](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0737)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library.`

			`### POC`

			`#### Reference`
			`- http://marc.info/?l=bugtraq&m=106062021711496&w=2`

			`#### Github`
			`No PoCs found on GitHub currently.`