Back to search
CVE-2005-3949
Published: Dec 1, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) startid parameter to activity_log.php, (2) startid parameter to admin_handler.php, (3) template parameter to edit_template.php, and (4) multiple parameters to export_handler.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17784
third-party-advisory
x_refsource_SECUNIA
20051201 WebCalendar Multiple Vulnerabilities.
mailing-list
x_refsource_BUGTRAQ
20051128 WebCalendar Multiple Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
21219
vdb-entry
x_refsource_OSVDB
19240
third-party-advisory
x_refsource_SECUNIA
webcalendar-multiple-scripts-sql-injection(23369)
vdb-entry
x_refsource_XF
21218
vdb-entry
x_refsource_OSVDB
21217
vdb-entry
x_refsource_OSVDB
ADV-2005-2643
vdb-entry
x_refsource_VUPEN
215
third-party-advisory
x_refsource_SREASON
21216
vdb-entry
x_refsource_OSVDB
http://sourceforge.net/forum/forum.php?thread_id=1392833&forum_id=11587
x_refsource_CONFIRM
15608
vdb-entry
x_refsource_BID
15662
vdb-entry
x_refsource_BID
DSA-1002
vendor-advisory
x_refsource_DEBIAN
15606
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now