Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2005-4011 - CERT CVE
CVE-2005-4011
ID
CVE-2005-4011
Sažetak
SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Reference
http://ltwcalendar.sourceforge.net/changelog.php
http://pridels0.blogspot.com/2005/11/codewalkers-ltwcalendar-4x-sql-inj.html
http://secunia.com/advisories/17799
http://securitytracker.com/id?1016364
http://www.attrition.org/pipermail/vim/2006-December/001154.html
http://www.osvdb.org/21195
http://www.osvdb.org/27539
http://www.securityfocus.com/archive/1/438232/100/0/threaded
http://www.securityfocus.com/archive/1/438580/100/0/threaded
http://www.securityfocus.com/bid/15636
http://www.securityfocus.com/bid/18593
http://www.Silitix.com/calendar-cws.php
http://www.vupen.com/english/advisories/2005/2652
https://exchange.xforce.ibmcloud.com/vulnerabilities/23312
https://exchange.xforce.ibmcloud.com/vulnerabilities/27362
CVSS
Base:
7.5
Impact:
6.4
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:N/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje
19-10-2018 - 15:39
Objavljeno
05-12-2005 - 11:03