Vulnerability Details CVE-2006-2293
SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://downloads.securityfocus.com/vulnerabilities/exploits/multicalendars-3.0-sql-inj.txt
- http://secunia.com/advisories/20030
- http://www.osvdb.org/25428
- http://www.securityfocus.com/bid/17903
- http://www.vupen.com/english/advisories/2006/1750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26362
- http://downloads.securityfocus.com/vulnerabilities/exploits/multicalendars-3.0-sql-inj.txt
- http://secunia.com/advisories/20030
- http://www.osvdb.org/25428
- http://www.securityfocus.com/bid/17903
- http://www.vupen.com/english/advisories/2006/1750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26362
Products affected by CVE-2006-2293
-
cpe:2.3:a:expinion.net:multicalendars:3.0