13 matches found
EUVD-2006-0190
Malware in sbrugna...
EUVD-2006-0191
Malware in sbrugna...
Acal calendar 2.2.6 CSRF Vulnerability
No description provided by source. Exploit Title: Acal calendar 2.2.6 CSRF Vulnerability Date: 11-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/acalproj/files/latest/download?source=directory Version: 2.2.6 Dork: Calendar Admin: Edit Header and Footer Tested on:...
Acal Calendar 2.2.6 - Cross-Site Request Forgery
Acal Calendar 2.2.6 - Cross-Site Request Forgery Exploit Title: Acal calendar 2.2.6 CSRF Vulnerability Date: 11-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/acalproj/files/latest/download?source=directory Version: 2.2.6 Dork: "Calendar Admin: Edit Header and Footer"...
Acal Calendar 2.2.6 - Cross-Site Request Forgery
Exploit Title: Acal calendar 2.2.6 CSRF Vulnerability Date: 11-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/acalproj/files/latest/download?source=directory Version: 2.2.6 Dork: "Calendar Admin: Edit Header and Footer" Tested on: Windows,Linux Add User Username: Password...
Acal calendar 2.2.6 CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Acal calendar Multiple Vulns Date: 11-03-2012 Author: Number 7 Software Link: http://sourceforge.net/projects/acalproj/files/latest/download?source=directory Version: 2.2.6 Dork: "Calendar Admin: Edit Header and Footer" Tested o...
CVE-2006-0183
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...
CVE-2006-0183
The CVE-2006-0183 entry concerns ACal Calendar Project 2.2.5. It describes a direct static code injection vulnerability in edit.php that allows authenticated users to execute arbitrary PHP code by supplying values for edit=header (modifying header.php) or edit=footer (modifying footer.php). This ...
CVE-2006-0182
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside"...
Code injection
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...
CVE-2006-0183
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5 allows authenticated users to execute arbitrary PHP code via 1 the edit=header value, which modifies header.php, or 2 the edit=footer value, which modifies footer.php. NOTE: this issue might be resultant from th...
Authentication flaw
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside"...
CVE-2006-0182
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside"...