Lucene search

[email protected]CVE-2006-0673

HistoryFeb 13, 2006 - 10:02 p.m.

CVE-2006-0673

2006-02-1322:02:00

[email protected]

web.nvd.nist.gov

magic calendar lite

sql injection

security vulnerability

remote attackers

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) $total_login and (2) $total_password parameter.

Affected configurations

NVD

Node

reamday_enterprisesmagic_calendar_liteMatch1.02

CPENameOperatorVersion
reamday_enterprises:magic_calendar_litereamday enterprises magic calendar liteeq1.02

CPE	Name	Operator	Version
reamday_enterprises:magic_calendar_lite	reamday enterprises magic calendar lite	eq	1.02

References

evuln.com/vulns/71/summary.html

secunia.com/advisories/18855

securityreason.com/securityalert/459

securitytracker.com/id?1015650

www.securityfocus.com/archive/1/425491/100/0/threaded

www.securityfocus.com/bid/16646

www.securityfocus.com/bid/16734

www.vupen.com/english/advisories/2006/0525

exchange.xforce.ibmcloud.com/vulnerabilities/24588

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.0%

JSON

Related for CVE-2006-0673

prion1 nvd1 securityvulns1 cvelist1