Vulnerabilities > 2200Net
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-02-09 | CVE-2006-0610 | SQL Injection vulnerability in 2200Net Calendar 1.2 Multiple SQL injection vulnerabilities in 2200net Calendar system 1.2, with gpc_magic_quotes disabled, allow remote attackers to execute arbitrary SQL commands and bypass authentication via (1) the fm_data[id] parameter to calendar.php and (2) the $ad['acc'] variable in adminlogin.php. | 7.5 |