Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0252

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0252
Last Modified 07 Mar 2011 09:29:39
Published 17 Jan 2006 08:51:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0252

Summary

SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters.

Vulnerable Systems

Application

  • Benders Calendar 1.0


References

VUPEN - ADV-2006-0190

BID - 16242

BUGTRAQ - 20060115 [eVuln] Benders Calendar SQL Injection

OSVDB - 22449

SECTRACK - 1015491

SECUNIA - 18462

MISC - http://evuln.com/vulns/30/summary.html

XF - benderscalendar-sql-injection(24120)


Last Updated: 27 May 2016 10:41:35