171 matches found
Sql injection
SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...
CVE-2014-10015
CVE-2014-10015 is a SQL injection vulnerability in the PHPJabbers Event Booking Calendar 2.0, specifically in load-calendar.php where the vulnerable parameter is cid . The issue allows remote attackers to execute arbitrary SQL commands, as described across multiple sources (NVD entry and corrobor...
VWar 1.5 'calendar.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27722/info VWar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
wwwThreads Calendar.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19177/info WWWThreads is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of...
Loggix Project <= 9.4.5 - Multiple Remote File Include Vulnerability
No description provided by source. In The Name Of Allah Loggix Project = 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...
UBBCentral UBB.threads 5.5.1/6.x calendar.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker...
ExtCalendar 2 (calendar.php) SQL Injection Vulnerability
No description provided by source. Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat...
DCP-Portal 3.7/4.x/5.x/6.x calendar.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
UBBCentral UBB.threads 6.2.3/6.5 calendar.php Cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...
DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...
Thwboard Beta 2.8 calendar.php year Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...
Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
MyBB < 1.6.10 Multiple Vulnerabilities
According to its version number, the MyBB install hosted on the remote web server is affected by multiple vulnerabilities : - A SQL injection vulnerability exists due to improper sanitization of user-supplied input during database optimization. - A SQL injection vulnerability exists due to improp...
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities
FCMS2.7.2 cms and earlier multiple stored XSS Vulnerability =================================================================================== Exploit Title: FCMS2.7.2 cms multiple stored XSS Vulnerability Download link...
Ecshop the latest version v. 2 7 2 Local include vulnerability Oday-vulnerability warning-the black bar safety net
“js/calendar.php”: the $lang = ! empty$GET'lang' ? trim$GET'lang' : 'EN';//no filter, obviously contains a vulnerability if ! fileexists'../languages/' . $lang . '/calendar.php' $lang = 'EN'; requiredirnamedirnameFILE . '/data/config.php'; header'Content-type: application/x-javascript; charset='...
Extcalendar 2 - calendar.php SQL Injection
Extcalendar 2 - calendar.php SQL Injection Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat...
ExtCalendar 2 SQL Injection
Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat ================================================================ -== ExPloiT ==-...
Extcalendar 2 - 'calendar.php' SQL Injection
Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat ================================================================ -== ExPloiT ==-...
ExtCalendar 2 Blind SQL Injection Vulnerability
Exploit for php platform in category web applications =============================================== ExtCalendar 2 Blind SQL Injection Vulnerability =============================================== ========================================================== Date: 30/07/2010 Author : Lagripe-Dz...
PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection
PBBooking 1.0.43 Joomla Component Multiple Blind SQL Injection Name PBBooking Vendor http://sourceforge.net/projects/pbbooking/ Versions Affected 1.0.43 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-29 X. INDEX ...