Summary
This host is running TotalCalendar and is prone to SQL injection and directory traversal vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code in a user's browser session in the context of an affected site, and to manipulate SQL queries by injecting arbitrary SQL code.
Impact Level: Application.
Solution
Upgrade to version 2.403 or later.
For updates refer to http://www.sweetphp.com/nuke/index.php
Insight
The flaws exist due to:
- Improper validation of user-supplied data passed to the 'selectedCal' parameter in a 'SwitchCal' action within the 'modfile.php' script.
- Improper validation of user-supplied data passed to the 'box' parameter of the 'box_display.php' script.
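The two weaknesses above are both failures to validate a request parameter before it reaches a sensitive sink. The following is an added example, not TotalCalendar's code, showing the defender's side: an allowlisted, path-contained resolver for a parameter that selects a file, and a bound-parameter query beside the string-concatenated form that a SQL injection payload subverts. The advisory does not say which parameter carries which flaw, so treating 'box' as a file selector and 'selectedCal' as a query value, the directory layout, the box names and the table schema are all assumptions constructed for the example.

```python
import os
import re
import sqlite3

# Constructed layout, not TotalCalendar's real directory structure.
CALENDAR_ROOT = os.path.realpath("/var/www/app/calendars")
# Allowlist of box names the application knows how to render (constructed).
KNOWN_BOXES = {"today", "upcoming", "minical"}
BOX_NAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")


def resolve_box_file(box):
    """Map the 'box' request parameter to a file under CALENDAR_ROOT.

    Returns the absolute path for an allowlisted name, or None for
    anything else. The allowlist alone closes the hole; the realpath
    containment check is defence in depth should the allowlist ever be
    relaxed to a pattern.
    """
    if not isinstance(box, str) or not BOX_NAME_RE.match(box):
        return None                      # rejects '../', '/', NUL, empty
    if box not in KNOWN_BOXES:
        return None                      # unknown box, even if well-formed
    path = os.path.realpath(os.path.join(CALENDAR_ROOT, box + ".php"))
    # realpath normalises '..' and symlinks; the commonpath test proves
    # the result still lives inside CALENDAR_ROOT.
    if os.path.commonpath([CALENDAR_ROOT, path]) != CALENDAR_ROOT:
        return None
    return path


def setup_db():
    """In-memory table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE calendars (id INTEGER PRIMARY KEY, name TEXT, owner TEXT)")
    conn.executemany(
        "INSERT INTO calendars (name, owner) VALUES (?, ?)",
        [("work", "alice"), ("home", "alice"), ("shared", "bob")])
    return conn


def switch_calendar_unsafe(conn, owner, selected_cal):
    """The injectable pattern: the parameter is spliced into the SQL text,
    so a value containing quotes rewrites the WHERE clause."""
    sql = ("SELECT name FROM calendars WHERE owner = '%s' AND name = '%s'"
           % (owner, selected_cal))
    return [row[0] for row in conn.execute(sql)]


def switch_calendar_safe(conn, owner, selected_cal):
    """Bound parameters: the driver sends the value separately from the
    query, so it can only ever be compared, never parsed as SQL."""
    rows = conn.execute(
        "SELECT name FROM calendars WHERE owner = ? AND name = ?",
        (owner, selected_cal))
    return [row[0] for row in rows]


if __name__ == "__main__":
    print(resolve_box_file("today"))                      # path under root
    print(resolve_box_file("../../../../etc/passwd"))    # None
    db = setup_db()
    payload = "x' OR '1'='1"
    print(switch_calendar_unsafe(db, "alice", payload))  # leaks every row
    print(switch_calendar_safe(db, "alice", payload))    # []
```

The important detail for code review is that the safe query never builds SQL text from the request value, and the file resolver never trusts the value to name a path at all: it maps a token onto a fixed set of files the application chose in advance.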
Affected
TotalCalendar version 2.4
References
Updated on 2017-03-28
Severity
CVSS Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Classification
CVE: CVE-2009-4973, CVE-2009-4974