CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to 1 login.php, 2 auth.php, and 3 subscribe.php. NOTE: the month.php, year.php, week.php, and day.php vectors are already covered by CVE-2005-4009...

7.5CVSS8.5AI score0.00603EPSS

Exploits2References1

seebug.org•added 2014/07/01 12:0 a.m.•16 views

PHP Lite Calendar Express 2.2 subscribe.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•28 views

PHP Lite Calendar Express 2.2 login.php cid Parameter SQL Injection

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•25 views

PHP Lite Calendar Express 2.2 auth.php cid Parameter SQL Injection

7.1AI score

Exploits0

Prion•added 2007/07/09 4:30 p.m.•26 views

Sql injection

7.5CVSS8.6AI score0.00603EPSS

Exploits2References1Affected Software1

NVD•added 2007/07/09 4:30 p.m.•18 views

CVE-2007-3627

7.5CVSS8AI score0.00502EPSS

Exploits1References1

Cvelist•added 2007/07/09 4:0 p.m.•20 views

CVE-2007-3627

8AI score0.00502EPSS

Exploits1References1

NVD•added 2006/06/12 10:2 p.m.•18 views

CVE-2006-2973

Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the 1 catid and 2 cid parameter. NOTE: this might be a duplicate of CVE-2005-4009.c...

7.5CVSS8.3AI score0.00367EPSS

Exploits1References4

CVE•added 2006/06/12 10:0 p.m.•63 views

CVE-2006-2973

CVE-2006-2973 involves multiple SQL injection vulnerabilities in month.php of PHP Lite Calendar Express 2.2 . The issue allows remote attackers to execute arbitrary SQL commands via the (1) and (2) parameters, potentially affecting the application’s database through the affected page. The CVSS ...

7.5CVSS8.4AI score0.00367EPSS

Exploits1References4Affected Software1

Cvelist•added 2006/06/12 10:0 p.m.•18 views

CVE-2006-2973

8.3AI score0.00367EPSS

Exploits1References4

NVD•added 2005/12/05 11:3 a.m.•20 views

CVE-2005-4009

Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 cid and 2 catid parameters to a day.php, b week.php, c month.php, and d year.php...

7.5CVSS8.4AI score0.00603EPSS

Exploits1References4

Cvelist•added 2005/12/05 11:0 a.m.•17 views

CVE-2005-4009

8.4AI score0.00603EPSS

Exploits1References4

CVE•added 2005/12/05 11:0 a.m.•42 views

CVE-2005-4009

Summary of confirmed issues (CVE-2005-4009, CVE-2007-3627, related CVEs): PHP Lite Calendar Express 2.2 and earlier contain multiple SQL injection vulnerabilities. The CVE-2005-4009 entries describe injection via the cid and catid parameters to day.php, week.php, month.php, and year.php. The CVE-...

7.5CVSS8.5AI score0.00603EPSS

Exploits1References4Affected Software1

Exploit DB•added 2005/08/08 12:0 a.m.•35 views

PHP Lite Calendar Express 2.2 - 'auth.php?cid' SQL Injection

source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the applicatio...

7.4AI score

Exploits0

exploitpack•added 2005/08/08 12:0 a.m.•12 views

PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection

PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful...

0.3AI score

Exploits0

Exploit DB•added 2005/08/08 12:0 a.m.•31 views

PHP Lite Calendar Express 2.2 - 'Subscribe.php?cid' SQL Injection

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by