Vulnerabilities > CVE-2006-0835 - SQL Injection vulnerability in Web Calendar Pro Dropbase.PHP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in dropbase.php in MitriDAT Web Calendar Pro allows remote attackers to modify internal SQL queries and cause a denial of service (inaccessible database) via the tabls parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Web Calendar Pro Dropbase.PHP SQL Injection Vulnerability. CVE-2006-0835. Webapps exploit for php platform |
| id | EDB-ID:27298 |
| last seen | 2016-02-03 |
| modified | 2006-02-23 |
| published | 2006-02-23 |
| reporter | ReZEN |
| source | https://www.exploit-db.com/download/27298/ |
| title | Web Calendar Pro Dropbase.PHP SQL Injection Vulnerability |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0340.html
- http://secunia.com/advisories/18902
- http://www.securityfocus.com/bid/16789
- http://www.vupen.com/english/advisories/2006/0700
- http://www.xorcrew.net/xpa/XPA-WebCalendarPro.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24729