Calendarix SQL Injection Vulnerability Network Vulnerability

Summary

The remote host is running Calendarix, a PHP-based calendar system. The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting, and SQL injection vulnerabilities. Successful exploitation could result in execution of arbitrary PHP code on the remote site, a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Solution

None at this time.

Severity

Classification

CVE CVE-2005-1865

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Axis2 Document Type Declaration Processing Security Vulnerability
Artmedic Kleinanzeigen File Inclusion Vulnerability
ArticleFR CMS Multiple Vulnerabilities - Jan15
AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
Apache Tomcat AJP Protocol Security Bypass Vulnerability

Take action and discover your vulnerabilities