CVE-2005-4011 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-4011
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-4011

Description: SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/23312 http://xforce.iss.net/xforce/xfdb/27362 ST 1016364 SAID Secunia Advisory: SA17799 OSVDB 21195 27539 MLIST http://www.attrition.org/pipermail/vim/2006-December/001154.html MISC http://pridels.blogspot.com/2005/11/codewalkers-ltwcalendar-4x-sql-inj.html http://www.Silitix.com/calendar-cws.php CONFIRM http://ltwcalendar.sourceforge.net/changelog.php BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/438580/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/438232/100/0/threaded BID 15636 18593

Return to the previous page.