Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2006/02/17 12:0 a.m.36 views

EV0062.txt

New eVuln Advisory: 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities http://evuln.com/vulns/62/summary.html --------------------Summary---------------- eVuln ID: EV0062 CVE: CVE-2006-0610 Software: 2200net Calendar system Sowtware's Web Site:...

7.5CVSS6.7AI score0.01869EPSS
Exploits1
securityvulns
securityvulns
added 2006/02/16 12:0 a.m.34 views

[eVuln] 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities

New eVuln Advisory: 2200net Calendar system SQL Injection and Authentication Bypass Vulnerabilities http://evuln.com/vulns/62/summary.html --------------------Summary---------------- eVuln ID: EV0062 CVE: CVE-2006-0610 Software: 2200net Calendar system Sowtware's Web Site:...

7.5CVSS1.2AI score0.01869EPSS
Exploits1
securityvulns
securityvulns
added 2006/02/10 12:0 a.m.28 views

[SA18781] 2200net Calendar System SQL Injection Vulnerabilities

TITLE: 2200net Calendar System SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA18781 VERIFY ADVISORY: http://secunia.com/advisories/18781/ CRITICAL: Moderately critical IMPACT: Security Bypass, Manipulation of data WHERE: From remote SOFTWARE: 2200net Calendar System 1.x...

0.6AI score
Exploits0
Prion
Prion
added 2006/02/09 12:2 a.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, with gpcmagicquotes disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via 1 the fmdataid parameter to calendar.php and 2 the $ad'acc' variable in adminlogin.php...

7.5CVSS9.4AI score0.01869EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2006/02/09 12:2 a.m.23 views

CVE-2006-0610

Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, with gpcmagicquotes disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via 1 the fmdataid parameter to calendar.php and 2 the $ad'acc' variable in adminlogin.php...

7.5CVSS8.7AI score0.01869EPSS
Exploits1References10
Cvelist
Cvelist
added 2006/02/09 12:0 a.m.26 views

CVE-2006-0610

Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, with gpcmagicquotes disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via 1 the fmdataid parameter to calendar.php and 2 the $ad'acc' variable in adminlogin.php...

8.7AI score0.01869EPSS
Exploits1References10
CVE
CVE
added 2006/02/09 12:0 a.m.54 views

CVE-2006-0610

The CVE-2006-0610 entry relates to the 2200net Calendar system (version 1.2). Two vulnerable vectors are identified: (1) calendar.php where fm_data[id] can be injected to modify SQL queries, and (2) adminlogin.php where $ad['acc'] can be manipulated. Affected condition: magic_quotes_gpc must be o...

7.5CVSS8.7AI score0.01869EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder