2 matches found
CVE-2006-0492
The CVE-2006-0492 entry affects Calendarix and describes multiple SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via (1) catview in cal_functions.inc.php and (2) login in cal_login.php. The catview vector may overlap CVE-2005-1865. No product versions ...
CVE-2005-1865
CVE-2005-1865 describes multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 . Remote attackers can cause arbitrary SQL execution via the following inputs: (1) catview parameter to cal_week.php , (2) cat_view to cal_cat.php , (3) cal_day.php, or (4) id parameter to cal_pophols.php . ...