Lucene search
K

171 matches found

Prion
Prion
added 2015/01/13 11:59 a.m.15 views

Sql injection

SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter...

7.5CVSS9.1AI score0.01234EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2015/01/13 11:0 a.m.42 views

CVE-2014-10015

CVE-2014-10015 is a SQL injection vulnerability in the PHPJabbers Event Booking Calendar 2.0, specifically in load-calendar.php where the vulnerable parameter is cid . The issue allows remote attackers to execute arbitrary SQL commands, as described across multiple sources (NVD entry and corrobor...

7.5CVSS8.7AI score0.01234EPSS
Exploits1References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

VWar 1.5 'calendar.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27722/info VWar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

wwwThreads Calendar.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19177/info WWWThreads is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Loggix Project <= 9.4.5 - Multiple Remote File Include Vulnerability

No description provided by source. In The Name Of Allah Loggix Project = 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

UBBCentral UBB.threads 5.5.1/6.x calendar.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

ExtCalendar 2 (calendar.php) SQL Injection Vulnerability

No description provided by source. Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

DCP-Portal 3.7/4.x/5.x/6.x calendar.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17050/info DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

UBBCentral UBB.threads 6.2.3/6.5 calendar.php Cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

DCP-Portal 5.3.1 Calendar.php Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7144/info It has been reported that DCP-Portal does not sufficiently filter URI parameters supplied to the DCP-Portal 'calender' script. As a result of this deficiency, it is possible for a remote attacker to create a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Thwboard Beta 2.8 calendar.php year Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15763/info ThWboard is prone to multiple input validation vulnerabilities. The application is vulnerable to HTML injection, cross-site scripting, and SQL injection; these issues are due to a lack of proper sanitization of...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/22 12:0 a.m.30 views

MyBB < 1.6.10 Multiple Vulnerabilities

According to its version number, the MyBB install hosted on the remote web server is affected by multiple vulnerabilities : - A SQL injection vulnerability exists due to improper sanitization of user-supplied input during database optimization. - A SQL injection vulnerability exists due to improp...

5.5AI score
Exploits0References1
Exploit DB
Exploit DB
added 2011/12/10 12:0 a.m.38 views

Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities

FCMS2.7.2 cms and earlier multiple stored XSS Vulnerability =================================================================================== Exploit Title: FCMS2.7.2 cms multiple stored XSS Vulnerability Download link...

7.4AI score
Exploits0
myhack58
myhack58
added 2011/08/01 12:0 a.m.33 views

Ecshop the latest version v. 2 7 2 Local include vulnerability Oday-vulnerability warning-the black bar safety net

“js/calendar.php”: the $lang = ! empty$GET'lang' ? trim$GET'lang' : 'EN';//no filter, obviously contains a vulnerability if ! fileexists'../languages/' . $lang . '/calendar.php' $lang = 'EN'; requiredirnamedirnameFILE . '/data/config.php'; header'Content-type: application/x-javascript; charset='...

1AI score
Exploits0
exploitpack
exploitpack
added 2011/01/11 12:0 a.m.13 views

Extcalendar 2 - calendar.php SQL Injection

Extcalendar 2 - calendar.php SQL Injection Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2011/01/11 12:0 a.m.28 views

ExtCalendar 2 SQL Injection

Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat ================================================================ -== ExPloiT ==-...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/01/11 12:0 a.m.22 views

Extcalendar 2 - &#039;calendar.php&#039; SQL Injection

Title : ExtCalendar 2 calendar.php SQL Injection Vulnerability Author : Lagripe-Dz Product: ExtCalendar 2 Download : http://sourceforge.net/projects/extcal/ Date: 10/01/2011 Dork : inurl:calendar.php?mode=cat ================================================================ -== ExPloiT ==-...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/07/30 12:0 a.m.49 views

ExtCalendar 2 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications =============================================== ExtCalendar 2 Blind SQL Injection Vulnerability =============================================== ========================================================== Date: 30/07/2010 Author : Lagripe-Dz...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/07/29 12:0 a.m.77 views

PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection

PBBooking 1.0.43 Joomla Component Multiple Blind SQL Injection Name PBBooking Vendor http://sourceforge.net/projects/pbbooking/ Versions Affected 1.0.43 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-29 X. INDEX ...

0.4AI score
Exploits0
Rows per page
Query Builder