Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2973

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2973
Last Modified 08 Sep 2011 12:00:00
Published 12 Jun 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2973

Summary

Multiple SQL injection vulnerabilities in month.php in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid and (2) cid parameter. NOTE: this might be a duplicate of CVE-2005-4009.c.

Vulnerable Systems

Application

  • Php Lite Calendar Express 2.2


References

VUPEN - ADV-2006-2220

BID - 18314

BUGTRAQ - 20060607 Calendar Express 2 SQL injection

SREASON - 1089


Last Updated: 27 May 2016 10:42:50