Vulnerabilities > CVE-2007-3515 - Unspecified vulnerability in Sweetphp Totalcalendar
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sweetphp
exploit available
Summary
SQL injection vulnerability in view_event.php in TotalCalendar 2.402 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | TotalCalendar <= 2.402 (view_event.php) Remote SQL Injection Vulns. CVE-2007-3515. Webapps exploit for php platform |
| file | exploits/php/webapps/4130.txt |
| id | EDB-ID:4130 |
| last seen | 2016-01-31 |
| modified | 2007-06-30 |
| platform | php |
| port | |
| published | 2007-06-30 |
| reporter | t0pP8uZz |
| source | https://www.exploit-db.com/download/4130/ |
| title | TotalCalendar <= 2.402 view_event.php Remote SQL Injection Vulns |
| type | webapps |
References
- http://osvdb.org/36337
- http://osvdb.org/36337
- http://secunia.com/advisories/25899
- http://secunia.com/advisories/25899
- http://www.securityfocus.com/bid/24716
- http://www.securityfocus.com/bid/24716
- http://www.vupen.com/english/advisories/2007/2401
- http://www.vupen.com/english/advisories/2007/2401
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35189
- https://www.exploit-db.com/exploits/4130
- https://www.exploit-db.com/exploits/4130