3 matches found
Joomla Component com_gigcal SQL Injection (CVE-2009-0726)
An SQL injection vulnerability has been reported in Gigcalendar Com Gigcalendar. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Sql injection
Multiple SQL injection vulnerabilities in the GigCalendar comgigcal component 1.0 for Mambo and Joomla!, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the gigcal venuesid parameter in a details action to index.php, which is not properly handled by...
CVE-2009-0726
The connected data confirms a SQL injection in Joomla/Mambo GigCalendar (com_gigcal) 1.0 via the gigcal_gigs_id parameter in the details action of index.php. Specifically, when magic_quotes_gpc is disabled, an unauthenticated remote attacker can manipulate database queries through gigdetails.php ...