30 matches found
EUVD-2004-1546
Malware in sbrugna...
EUVD-2008-2825
Malware in sbrugna...
CVE-2009-1223
aspWebCalendar Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for calendar/calendar.mdb...
CVE-2009-1223
CVE-2009-1223 affects aspWebCalendar Free Edition. The vulnerability arises from storing sensitive information under the web root with insufficient access control, enabling remote attackers to download a calendar.mdb database containing user credentials via a direct request to calendar/calendar.m...
CVE-2009-1223
aspWebCalendar Free Edition stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing user credentials via a direct request for calendar/calendar.mdb...
aspWebCalendar Free Edition Database Disclosure
I'm not sure how to classify this bug / vulnerability, but for aspWebCalendar Free edition, you can openly download the mdb file and read its contents username,pasword. Example http://www.example.com/calendar/calendar.mdb I guess the fix would be to place the mdb file outside of wwwroot...
aspWebCalendar Free Edition bug
I'm not sure how to classify this bug / vulnerability, but for aspWebCalendar Free edition, you can openly download the mdb file and read its contents username,pasword. Example http://www.example.com/calendar/calendar.mdb I guess the fix would be to place the mdb file outside of wwwroot...
CVE-2008-2832
Unrestricted file upload vulnerability in calendaradmin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/...
Unrestricted file upload
Unrestricted file upload vulnerability in calendaradmin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/...
CVE-2008-2832
Unrestricted file upload vulnerability in calendaradmin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/...
CVE-2008-2832
CVE-2008-2832 is an unrestricted file upload vulnerability in the calendar_admin.asp of Full Revolution aspWebCalendar 2008 . The flaw allows remote attackers to upload and execute arbitrary code by supplying the malicious payload in the FILE1 parameter of the uploadfileprocess action, likely fol...
AspWebCalendar 2008 Remote File Upload Vulnerability
No description provided by source. Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.asp == you...
AspWebCalendar 2008 Remote File Upload Vulnerability
Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.asp == your address upload form FORM...
AspWebCalendar 2008 Remote File Upload Vulnerability
Exploit for unknown platform in category web applications ==================================================== AspWebCalendar 2008 Remote File Upload Vulnerability ==================================================== Discovered by : AleminKrali Dork :calendar.asp?eventdetail...
aspwebcal-upload.txt
Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.asp == your address upload form...
AspWebCalendar 2008 - Arbitrary File Upload
Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.asp == your address upload form...
AspWebCalendar 2008 - Arbitrary File Upload
AspWebCalendar 2008 - Arbitrary File Upload Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.a...
aspWebCalendar Remote SQL Injection Vulnerability
Title : aspWebCalendar Remote SQL Injection Vulnerability Author : parad0x Contact : : D.Page : http://www.scriptdungeon.com/script.php?ScriptID=4306 $$ : free S.Page : http://fullrevolution.com http://target/path/calendar.asp?action=viewevent&eventid=SQL Example:...
aspwebcal-sql.txt
Title : aspWebCalendar Remote SQL Injection Vulnerability Author : parad0x Contact : : D.Page : http://www.scriptdungeon.com/script.php?ScriptID=4306 $$ : free S.Page : http://fullrevolution.com http://target/path/calendar.asp?action=viewevent&eventid=SQL Example:...
aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection Vulnerability
No description provided by source. Title : aspWebCalendar Remote SQL Injection Vulnerability Author : parad0x Contact : : D.Page : http://www.scriptdungeon.com/script.php?ScriptID=4306 $$ : free S.Page : http://fullrevolution.com http://target/path/calendar.asp?action=viewevent&eventid=SQL Exampl...