Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1865

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1865
Last Modified 05 Sep 2008 04:50:17
Published 09 Jun 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1865

Summary

Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute arbitrary SQL commands via the catview parameter to (1) cal_week.php, (2) cal_cat.php, or (3) cal_day.php, or (4) id parameter to cal_pophols.php.

Vulnerable Systems

Application

  • Vincent Hor Calendarix Advanced 1.5


References

OSVDB - 16975

OSVDB - 16974

OSVDB - 16972

OSVDB - 16971

SECTRACK - 1014083

SECUNIA - 15569

BUGTRAQ - 20050531 multiple vulnerability Calendarix Advanced

CONFIRM - http://www.calendarix.com/download_basic.php

CONFIRM - http://www.calendarix.com/download_advanced.php


Last Updated: 27 May 2016 10:40:18