13 matches found
Sql injection
SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter...
CVE-2008-4650
SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter...
CVE-2008-4650
The CVE-2008-4650 entry describes an SQL injection in the myEvent 1.6 application, specifically in viewevent.php via the eventdate parameter. This allows remote attackers to execute arbitrary SQL commands. The provided connected documents confirm the affected component and the root cause (SQL inj...
myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability
No description provided by source. myEvent 1.6 viewevent.php Remote SQL Injection Vulnerability url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own...
myevent-sql.txt
myEvent 1.6 viewevent.php Remote SQL Injection Vulnerability url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not responsible...
myEvent 1.6 - eventdate SQL Injection
myEvent 1.6 - eventdate SQL Injection myEvent 1.6 viewevent.php Remote SQL Injection Vulnerability url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your ow...
myEvent 1.6 - 'eventdate' SQL Injection
myEvent 1.6 viewevent.php Remote SQL Injection Vulnerability url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not responsible...
CVE-2007-3353
PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the myeventpath parameter. NOTE: a reliable third party disputes this issue, saying "the entire file is a class...
CVE-2007-3353
PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the myeventpath parameter. NOTE: a reliable third party disputes this issue, saying "the entire file is a class...
CVE-2007-3353
The CVE-2007-3353 vulnerability affects MyEvent 1.6, specifically in includes/template.php, where a remote file inclusion can occur via the myevent_path parameter to execute arbitrary PHP code. The root cause is an improper handling of the URL parameter, enabling code execution on the server. A t...
CVE-2007-0690
myEvent 1.6 allows remote attackers to obtain sensitive information via 1 a Log In action without a password to login.php, or an invalid 2 view or 3 monthno parameter to myevent.php, which reveals the path in various error messages...
CVE-2007-0690
CVE-2007-0690 affects myEvent version 1.6. Remote attackers can cause error messages from myevent.php and login.php to reveal server paths, enabling partial information disclosure. The issue arises when processing parameters view[], monthno[], or during a login action without a password, which tr...
CVE-2007-0690
myEvent 1.6 allows remote attackers to obtain sensitive information via 1 a Log In action without a password to login.php, or an invalid 2 view or 3 monthno parameter to myevent.php, which reveals the path in various error messages...