Vulnerabilities > CVE-2006-1422 - SQL Injection vulnerability in Jjwwebdesign PHPbookingcalendar 1.0C

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

jjwwebdesign

exploit available

NVD

Published: 2006-03-28

Updated: 2017-10-11

Summary

SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Jjwwebdesign Jjwwebdesign Phpbookingcalendar 1.0C	1

Exploit-Db

description	phpBookingCalendar <= 1.0c [details_view.php] Remote SQL Injection. CVE-2006-1422. Webapps exploit for php platform
file	exploits/php/webapps/1610.txt
id	EDB-ID:1610
last seen	2016-01-31
modified	2006-03-25
platform	php
port
published	2006-03-25
reporter	undefined1_
source	https://www.exploit-db.com/download/1610/
title	phpBookingCalendar <= 1.0c - details_view.php Remote SQL Injection
type	webapps

description	PHP Booking Calendar 10 d Remote SQL Injection Exploit. CVE-2006-1422. Webapps exploit for php platform
id	EDB-ID:5696
last seen	2016-01-31
modified	2008-05-29
published	2008-05-29
reporter	Stack
source	https://www.exploit-db.com/download/5696/
title	PHP Booking Calendar 10 d Remote SQL Injection Exploit

Summary

Vulnerable Configurations

Exploit-Db

References