Описание
Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EPSS
6.5 Medium
CVSS2