CVE-2006-0673

Published: Feb 13, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in cms/index.php in Magic Calendar Lite 1.02, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) $total_login and (2) $total_password parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

459

third-party-advisory

x_refsource_SREASON

ADV-2006-0525

vdb-entry

x_refsource_VUPEN

http://evuln.com/vulns/71/summary.html

x_refsource_MISC

16646

vdb-entry

x_refsource_BID

1015650

vdb-entry

x_refsource_SECTRACK

18855

third-party-advisory

x_refsource_SECUNIA

16734

vdb-entry

x_refsource_BID

20060220 [eVuln] Magic Calendar Lite Authentication Bypass

mailing-list

x_refsource_BUGTRAQ

magiccalendar-index-sql-injection(24588)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2006-0673

Description

Affected Products

References