6 matches found
EUVD-2007-3503
Malware in sbrugna...
Vermont Web Design SQL Injection
Exploit Title: Vermont Web Desing SQL Ýnjecktion Author: Th4 MasK Vendor : http://www.gbwebcreations.com/ Date : 21.04.2012 Platform : Php Dork : Powered By GB Web Creations // Demo Site : http://www.turningpointsinamericanhistory.org/calendar/eventdisplay.php?&id=38SQL Exploit ;...
PHP Calendars SQL Injection
==================================================== php calendars script SQL Injection ==================================================== calendars script SQL Injection Author: Mr.MLL Published: 2011-12-3 Download Exploit Code Download N/A ========= Software :...
PHPEventCalendar Eventdisplay.PHP SQL注入漏洞
PHPEventCalendar是一款基于PHP的WEB应用程序。 PHPEventCalendar不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击获得敏感信息。 问题是由于'Eventdisplay.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可导致应用程序处理时更改原来的SQL逻辑,攻击者可以获得敏感信息或者操作数据库。 phpEventCalendar phpEventCalendar 0.2.3 phpEventCalendar phpEventCalendar 0.2.2 目前没有解决方案提供:...
Sql injection
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2007-3519
CVE-2007-3519 describes an SQL injection in the eventdisplay.php script of phpEventCalendar 0.2.3 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands through the id parameter. Affected component: PHP-based calendar application (eventdisplay.php). Root cause: u...