RSS   Podatności dla 'Multicalendars'   RSS

2006-11-20
 
CVE-2006-5977

CWE-Other
 

 
Multiple SQL injection vulnerabilities in MultiCalendars allow remote attackers to execute arbitrary SQL commands via the (1) M or (2) Y parameter to rss_out.asp, or the (3) cate parameter to all_calendars.asp. NOTE: the all_calendars.asp/calsids vector is already covered by CVE-2006-2293.

 
2006-05-09
 
CVE-2006-2293

 

 
SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

 

 >>> Vendor: Expinion.net 5 Produkty
News manager lite
Multicalendars
Inews publisher
News manager
Member management system


Copyright 2024, cxsecurity.com

 

Back to Top