Vulnerabilities > CVE-2006-2264 - Input Validation vulnerability in Ocean12 Technologies Calendar Manager PRO 1.00

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
ocean12-technologies
exploit available

Summary

Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Ocean12_Technologies
1

Exploit-Db

  • descriptionOcean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform
    idEDB-ID:27826
    last seen2016-02-03
    modified2006-05-08
    published2006-05-08
    reporterdj_eyes2005
    sourcehttps://www.exploit-db.com/download/27826/
    titleOcean12 Technologies Calendar Manager Pro 1.0 1 admin/view.asp SearchFor Parameter SQL Injection
  • descriptionOcean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform
    idEDB-ID:27825
    last seen2016-02-03
    modified2006-05-08
    published2006-05-08
    reporterdj_eyes2005
    sourcehttps://www.exploit-db.com/download/27825/
    titleOcean12 Technologies Calendar Manager Pro 1.0 1 admin/main.asp date Parameter SQL Injection
  • descriptionOcean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection. CVE-2006-2264. Webapps exploit for asp platform
    idEDB-ID:27827
    last seen2016-02-03
    modified2006-05-08
    published2006-05-08
    reporterdj_eyes2005
    sourcehttps://www.exploit-db.com/download/27827/
    titleOcean12 Technologies Calendar Manager Pro 1.0 1 admin/edit.asp ID Parameter SQL Injection