Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2429

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2429
Last Modified 26 Nov 2008 12:00:00
Published 25 Nov 2008 08:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2429

Summary

Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap CVE-2005-1865.2.

Vulnerable Systems

Application

  • Calendarix Basic 0.8.20071118


References

MISC - http://secunia.com/secunia_research/2008-28/advisory/

SECUNIA - 30710


Last Updated: 27 May 2016 10:47:52