CVE-2005-4011
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.8%
SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Affected configurations
References
ltwcalendar.sourceforge.net/changelog.php
pridels0.blogspot.com/2005/11/codewalkers-ltwcalendar-4x-sql-inj.html
secunia.com/advisories/17799
securitytracker.com/id?1016364
www.attrition.org/pipermail/vim/2006-December/001154.html
www.osvdb.org/21195
www.osvdb.org/27539
www.securityfocus.com/archive/1/438232/100/0/threaded
www.securityfocus.com/archive/1/438580/100/0/threaded
www.securityfocus.com/bid/15636
www.securityfocus.com/bid/18593
www.Silitix.com/calendar-cws.php
www.vupen.com/english/advisories/2005/2652
exchange.xforce.ibmcloud.com/vulnerabilities/23312
exchange.xforce.ibmcloud.com/vulnerabilities/27362
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
86.8%