CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Expinion.net: >> Multicalendars Security Vulnerabilities

CVE-2006-5977

Multiple SQL injection vulnerabilities in MultiCalendars allow remote attackers to execute arbitrary SQL commands via the (1) M or (2) Y parameter to rss_out.asp, or the (3) cate parameter to all_calendars.asp. NOTE: the all_calendars.asp/calsids vector is already covered by CVE-2006-2293.

CVSS Score

7.5

EPSS Score

0.005

Published

2006-11-20

CVE-2006-2293

SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

CVSS Score

6.4

EPSS Score

0.005

Published

2006-05-10

Page 1

Vulnerabilities

Vulnerable Software

Expinion.net: >> Multicalendars Security Vulnerabilities

Products

Pricing

Contact Us