Vulnerabilities > CVE-2004-1552 - Unspecified vulnerability in Full Revolution Aspwebcalendar 4.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Web Calendar System 3.12/3.30 Multiple Remote Vulnerabilities. CVE-2004-1552. Webapps exploit for php platform id EDB-ID:7242 last seen 2016-02-01 modified 2008-11-27 published 2008-11-27 reporter Bl@ckbe@rD source https://www.exploit-db.com/download/7242/ title web calendar system 3.12/3.30 - Multiple Vulnerabilities description aspWebCalendar 4.5 (calendar.asp eventid) SQL Injection Vulnerability. CVE-2004-1552. Webapps exploit for asp platform file exploits/asp/webapps/3546.txt id EDB-ID:3546 last seen 2016-01-31 modified 2007-03-22 platform asp port published 2007-03-22 reporter parad0x source https://www.exploit-db.com/download/3546/ title aspWebCalendar 4.5 calendar.asp eventid SQL Injection Vulnerability type webapps
Nessus
NASL family | CGI abuses |
NASL id | ASPWEBCALENDAR_SQL.NASL |
description | The remote host appears to be running aspWebCalendar, an ASP script designed to faciliate the integration of multiple calendars in a web- based application. There is a flaw in the remote software that could allow anyone to inject arbitrary SQL commands, which may in turn be used to gain administrative access on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14816 |
published | 2004-09-24 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14816 |
title | aspWebCalendar calendar.asp SQL Injection |
code |
|
References
- http://marc.info/?l=bugtraq&m=109604910025090&w=2
- http://marc.info/?l=bugtraq&m=109604910025090&w=2
- http://secunia.com/advisories/12651
- http://secunia.com/advisories/12651
- http://secunia.com/advisories/24622
- http://secunia.com/advisories/24622
- http://www.securityfocus.com/bid/11246
- http://www.securityfocus.com/bid/11246
- http://www.securityfocus.com/bid/23098
- http://www.securityfocus.com/bid/23098
- http://www.vupen.com/english/advisories/2007/1093
- http://www.vupen.com/english/advisories/2007/1093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17506
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17506
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33157
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33157
- https://www.exploit-db.com/exploits/3546
- https://www.exploit-db.com/exploits/3546