Lucene search
K

6 matches found

securityvulns
securityvulns
added 2006/03/22 12:0 a.m.50 views

1WebCalendar v 4.x vuln.

1WebCalendar v 4.x vuln. Vuln. discovered by : r0t Date: 22 march 2006 vendor:www.bensonitsolutions.com/calendar/v4/ affected version: v4.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/1webcalendar-v-4x-vuln.html Vuln.desc. 1WebCalendar contains a flaw that allows a remote sql...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/22 12:0 a.m.146 views

1WebCalendar 4.0 - '/news/newsView.cfm?NewsID' SQL Injection

source: https://www.securityfocus.com/bid/17193/info 1WebCalendar is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to...

7.4AI score
Exploits0
NVD
NVD
added 2005/12/04 11:3 a.m.17 views

CVE-2005-3984

SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the timerange parameter to editreporthandler.php. NOTE: the startid/activitylog.php vector is already covered by CVE-2005-3949...

7.5CVSS8.1AI score0.01271EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/02/18 12:0 a.m.31 views

[ SCL-2005.001 ] - WebCalendar: SQL Injection from encoded cookie

=====BEGIN-SCL-REPORT===== Scovetta Labs Security Advisory Title: WebCalendar: SQL Injection from encoded cookie Status: Public Release Date: 2005-02-16 Package: WebCalendar Vendor: k5n.us - http://www.k5n.us/webcalendar.php Priority: High Vulnerability: SQL Injection Affected Versions:...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/18 12:0 a.m.17 views

WebCalendar users.php user_valid_crypt Parameter < 1.0.0 SQL Injection

Binary data 2628.prm...

7.5CVSS7.3AI score0.01442EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2005/02/17 12:0 a.m.26 views

WebCalendar 0.9.45 - SQL Injection

source: https://www.securityfocus.com/bid/12581/info WebCalendar is affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the...

7.4AI score
Exploits0
Rows per page
Query Builder