Vulnerabilities > CVE-2006-6792 - SQL Injection vulnerability in Calendar MX Basic Calendar_Detail.ASP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mxmania
exploit available

Summary

SQL injection vulnerability in calendar_detail.asp in Calendar MX BASIC 1.0.2 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Mxmania
2

Exploit-Db

descriptionCalendar MX BASIC <= 1.0.2 (ID) Remote SQL Injection Vulnerability. CVE-2006-6792. Webapps exploit for asp platform
fileexploits/asp/webapps/2993.txt
idEDB-ID:2993
last seen2016-01-31
modified2006-12-23
platformasp
port
published2006-12-23
reporterajann
sourcehttps://www.exploit-db.com/download/2993/
titleCalendar MX BASIC <= 1.0.2 ID Remote SQL Injection Vulnerability
typewebapps