Vulnerabilities > CVE-2007-3519 - SQL Injection vulnerability in PHPEventCalendar Eventdisplay.PHP Script
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SQL injection vulnerability in eventdisplay.php in phpEventCalendar 0.2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description phpEventCalendar 0.2.3 - Multiple Vulnerabilities. CVE-2007-3519. Webapps exploit for php platform id EDB-ID:26408 last seen 2016-02-03 modified 2013-06-24 published 2013-06-24 reporter AtT4CKxT3rR0r1ST source https://www.exploit-db.com/download/26408/ title phpEventCalendar 0.2.3 - Multiple Vulnerabilities description phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit. CVE-2007-3519. Webapps exploit for php platform file exploits/php/webapps/4135.pl id EDB-ID:4135 last seen 2016-01-31 modified 2007-07-01 platform php port published 2007-07-01 reporter Iron source https://www.exploit-db.com/download/4135/ title phpEventCalendar <= 0.2.3 eventdisplay.php SQL Injection Exploit type webapps