6 matches found
1WebCalendar v 4.x vuln.
1WebCalendar v 4.x vuln. Vuln. discovered by : r0t Date: 22 march 2006 vendor:www.bensonitsolutions.com/calendar/v4/ affected version: v4.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html Vuln.desc. 1WebCalendar contains a flaw that allows a remote sql...
1WebCalendar 4.0 - '/news/newsView.cfm?NewsID' SQL Injection
source: https://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to...
CVE-2005-3984
SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the timerange parameter to editreporthandler.php. NOTE: the startid/activitylog.php vector is already covered by CVE-2005-3949...
[ SCL-2005.001 ] - WebCalendar: SQL Injection from encoded cookie
=====BEGIN-SCL-REPORT===== Scovetta Labs Security Advisory Title: WebCalendar: SQL Injection from encoded cookie Status: Public Release Date: 2005-02-16 Package: WebCalendar Vendor: k5n.us - http://www.k5n.us/webcalendar.php Priority: High Vulnerability: SQL Injection Affected Versions:...
WebCalendar users.php user_valid_crypt Parameter < 1.0.0 SQL Injection
Binary data 2628.prm...
WebCalendar 0.9.45 - SQL Injection
source: https://www.securityfocus.com/bid/12581/info WebCalendar is affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the...