Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-6049

Malware in sbrugna...

7.5CVSS6.4AI score0.02032EPSS
Exploits1References10
NVD
NVD
added 2006/11/22 2:7 a.m.14 views

CVE-2006-6066

Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter to a adminlogin.asp, the 3 ID parameter to b eventsearchdetail.asp, or the 4 VenueID parameter to c venuedetail.asp...

7.5CVSS8.7AI score0.02032EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/11/22 2:0 a.m.17 views

CVE-2006-6066

Multiple SQL injection vulnerabilities in Dragon Calendar / Events Listing 2.x allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameter to a adminlogin.asp, the 3 ID parameter to b eventsearchdetail.asp, or the 4 VenueID parameter to c venuedetail.asp...

8.7AI score0.02032EPSS
Exploits1References9
CVE
CVE
added 2006/11/22 2:0 a.m.46 views

CVE-2006-6066

Vulnerability summary (CVE-2006-6066) : Dragon Calendar / Events Listing 2.x contains multiple SQL injection flaws allowing remote attackers to execute arbitrary SQL commands via parameters in API endpoints: username or password to admin_login.asp, ID to event_searchdetail.asp, and VenueID to ven...

7.5CVSS9.1AI score0.02032EPSS
Exploits1References9Affected Software1
Positive Technologies
Positive Technologies
added 2006/11/22 12:0 a.m.4 views

PT-2006-6711 · Dragon · Dragon Calendar / Events Listing

Name of the Vulnerable Software and Affected Versions: Dragon Calendar / Events Listing versions 2.x Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the username or password parameter to the "admin login.asp" API endpoint, the ID paramete...

7.5CVSS7.8AI score0.02032EPSS
Exploits1References13
securityvulns
securityvulns
added 2006/11/16 12:0 a.m.36 views

Dragon calendar [ login bypass & injection sql ]

vendor site:http://www.dragoninternet.net/ product:Dragon Events Listing bug:login bypass & injection sql risk:high login bypass : username: 'or''=' passwd: 'or''=' injection sql get http://site.com/eventsearchdetail.asp?ID='sql http://site.com/venuedetail.asp?VenueID='sql laurent gaffie & benjam...

0.5AI score
Exploits0
Rows per page
Query Builder