Vulnerabilities > CVE-2006-2293 - SQL Injection vulnerability in Expinion.Net Multicalendars 3.0

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
expinion-net
exploit available

Summary

SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Vulnerable Configurations

Part Description Count
Application
Expinion.Net
1

Exploit-Db

descriptionMultiCalendars 3.0 All_calendars.ASP SQL Injection Vulnerability. CVE-2006-2293. Webapps exploit for asp platform
idEDB-ID:27842
last seen2016-02-03
modified2006-05-09
published2006-05-09
reporterDj_Eyes
sourcehttps://www.exploit-db.com/download/27842/
titleMultiCalendars 3.0 - All_calendars.ASP SQL Injection Vulnerability