Calendarix SQL Injection Vulnerability Network Vulnerability

Summary

The remote host is running Calendarix, a PHP-based calendar system. The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting, and SQL injection vulnerabilities. Successful exploitation could result in execution of arbitrary PHP code on the remote site, a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Solution

None at this time.

Severity

Classification

CVE CVE-2005-1865
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AudiStat multiple vulnerabilities
admin.cgi overflow
4Images <= 1.7.1 Directory Traversal Vulnerability
AjaxPortal 'di.php' File Inclusion Vulnerability
Alchemy Eye HTTP Command Execution

Take action and discover your vulnerabilities