https://www.exploit-db.com/exploits/24838
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-740

ASPCalendar的控制面板不要求身份验证来访问，远程攻击者借助到main.asp的直接请求获取未经授权的访问。

source: http://www.securityfocus.com/bid/11931/info

ASP Calendar is reported prone to an unauthorized administrative access vulnerability. An unauthorized remote attacker can access an administrative script and potentially gain administrative access to the application.

It is believed that this issue affects ASP Calendar Version 1. 

http://www.example.com/***/admin/main.asp
*** : directory of asp calendar

来源:XF
名称:asp-calendar-gain-access(18474)
链接:http://xforce.iss.net/xforce/xfdb/18474
来源:BID
名称:11931
链接:http://www.securityfocus.com/bid/11931
来源:BUGTRAQ
名称:20041214ASPCalendarVulnerability
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=110304839629822&w;=2