Vulnerabilities > Expinion NET > Multicalendars
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-20 | CVE-2006-5977 | SQL-Injection vulnerability in MultiCalendars Multiple SQL injection vulnerabilities in MultiCalendars allow remote attackers to execute arbitrary SQL commands via the (1) M or (2) Y parameter to rss_out.asp, or the (3) cate parameter to all_calendars.asp. | 7.5 |
2006-05-10 | CVE-2006-2293 | SQL Injection vulnerability in Expinion.Net Multicalendars 3.0 SQL injection vulnerability in all_calendars.asp in MultiCalendars 3.0 allows remote attackers to execute arbitrary SQL commands via the calsids parameter. | 6.4 |