Vulnerabilities > Nodstrum
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-26 | CVE-2008-5738 | Permissions, Privileges, and Access Controls vulnerability in Nodstrum Mysql Calendar 1.1/1.2 Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. | 7.5 |
2008-12-26 | CVE-2008-5737 | SQL Injection vulnerability in Nodstrum Mysql Calendar 1.1/1.2 SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter. | 7.5 |