Vulnerabilities > CVE-2006-2264 - Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform id EDB-ID:27826 last seen 2016-02-03 modified 2006-05-08 published 2006-05-08 reporter dj_eyes2005 source https://www.exploit-db.com/download/27826/ title Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection description Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform id EDB-ID:27825 last seen 2016-02-03 modified 2006-05-08 published 2006-05-08 reporter dj_eyes2005 source https://www.exploit-db.com/download/27825/ title Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection description Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform id EDB-ID:27827 last seen 2016-02-03 modified 2006-05-08 published 2006-05-08 reporter dj_eyes2005 source https://www.exploit-db.com/download/27827/ title Ocean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection