exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

Ajax Full Featured Calendar 2.0 SQL Injection
Posted May 26, 2018
Authored by Ozkan Mustafa Akkus

Ajax Full Featured Calendar version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 75b279d2e0d3be7ee8c19f76d7bc94e5

Related Files

Secunia Security Advisory 49939
Posted Jul 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Lab has reported two vulnerabilities in Event Calendar PHP, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, vulnerability, xss
MD5 | bc7fc5adcae68d7461cb329acff769ad
Event Calendar PHP 1.2 Cross Site Scripting / SQL Injection
Posted Jul 16, 2012
Authored by snup | Site vulnerability-lab.com

Event Calendar PHP version 1.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | caf790121c401f34fb104afa6eec8852
vBulletin 4.2.0 Cross Site Scripting
Posted Jun 20, 2012
Authored by Sangteamtham

vBulletin version 4.2.0 suffers from a persistent cross site scripting vulnerability in the calendar section.

tags | exploit, xss
MD5 | 943e2e0f75d9f6de370ad938df67f281
Joomla JCal Pro Calendar SQL Injection
Posted Jun 15, 2012
Authored by Taurus Omar

Joomla JCal Pro Calendar component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 98357730042c6f447a4c50e82a9cdb42
WebCalendar 1.2.4 Remote Code Execution
Posted Apr 30, 2012
Authored by EgiX

WebCalendar versions 1.2.4 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2012-1495, CVE-2012-1496
MD5 | 5f262ed03724a9203109c2bb48d3886f
WebCalendar 1.2.4 Pre-Auth Remote Code Injection
Posted Apr 30, 2012
Authored by EgiX, sinn3r | Site metasploit.com

This Metasploit modules exploits a vulnerability found in WebCalendar versions 1.2.4 and below. If not removed, the settings.php script meant for installation can be updated by an attacker with injected code. This allows arbitrary code execution as www-data.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2012-1495
MD5 | a55191dbaa9e44a1c3c9352259ba3d7f
Secunia Security Advisory 48906
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Egidio Romano has discovered a vulnerability in WebCalendar, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
MD5 | e89b5b9ec86eab20257938dfcb8a4f35
WordPress All-In-One Event Calendar 1.4 Cross Site Scripting
Posted Apr 12, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress All-In-One Event Calendar plugin version 1.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2012-1835
MD5 | 2c285ca3725b11c88f7bef67b5f27d43
Secunia Security Advisory 48539
Posted Mar 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Event Calendar PHP, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
MD5 | a8d0800b371239ab5a05dee02ea895b2
Event Calendar PHP 1.0 Cross Site Scripting
Posted Mar 24, 2012
Authored by 3spi0n

Event Calendar PHP 1.0 suffers from a cross site scripting vulnerability. Version 1.1 fixes this issue.

tags | exploit, php, xss
MD5 | 5d323fc6ed6811f62dd7f8dd19b906a4
Acal Calendar 2.2.6 Cross Site Request Forgery
Posted Mar 12, 2012
Authored by Number 7

Acal Calendar version 2.2.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | edeee19edebec4da6518dd49af9f2042
Facebook View My Calendar SQL Injection
Posted Feb 14, 2012
Authored by Mahamed Saad

Facebook View My Calendar suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5412acbca43786ccf3dca2791d2031df
Motigo Forums/Calendar/Guestbook Cross Site Scripting
Posted Jan 28, 2012
Authored by Sony

Motigo Forums/Calendar/Guestbook suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3d3cc287c96a1a13d963c88faab688f3
Secunia Security Advisory 47579
Posted Jan 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the My Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 475d30f00212abd238ebada9f62dcfbc
Webcalendar 1.2.4 Cross Site Scripting
Posted Jan 21, 2012
Authored by G13

Webcalendar version 1.2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 55952a8d08c1bcde1a5019bd8dd65b78
PHP Booking Calendar 10e Cross Site Scripting
Posted Dec 19, 2011
Authored by G13

PHP Booking Calendar version 10e suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 167c14cce4083f37bd94cc00d6132b62
PHP Calendars SQL Injection
Posted Dec 6, 2011
Authored by Mr.MLL

PHP Calendars suffers from a remote SQL injection vulnerability in eventdisplay.php.

tags | exploit, remote, php, sql injection
MD5 | 625de987a961f8a5a46656e8c344ca36
Secunia Security Advisory 46970
Posted Nov 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Freelancer calendar, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 1781b31f159567dcc9c80e20cdf15dc3
Freelancer Calendar 1.01 SQL Injection
Posted Nov 19, 2011
Authored by muuratsalo

Freelancer Calendar versions 1.01 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a14c456ce9481e1aec262a327b0ffc69
CalDAV SSL Certificate Validation
Posted Oct 13, 2011
Authored by Knud | Site nsense.fi

nSense Vulnerability Research Security Advisory - The calendar synchronization feature of iOS fails to validate the SSL certificate provided by the server. Therefore, CalDAV communication can be intercepted by a basic man in the middle attack. As every request contains a HTTP basic authentication header, which contains base64-encoded credentials, it is possible to intercept email account credentials by an attacker that is suitably positioned (e.g. the same LAN, WLAN) or is able to tamper with DNS records pointing to the CalDAV server. The application accepts the untrusted certificate without any warning or prompt, so the attack will go unnoticed by the user.

tags | advisory, web
systems | cisco
advisories | CVE-2011-3253
MD5 | 19bee85cade96df9b286ed03fb3f74ac
Apple Security Advisory 2011-10-12-1
Posted Oct 13, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-10-12-1 - An iOS 5 software update is now available. It addresses an SSL check in CalDAV, a script injection issue in Calendar, issues in CFNetwork, and 90+ other security issues.

tags | advisory
systems | cisco, apple
advisories | CVE-2011-0166, CVE-2011-0184, CVE-2011-0187, CVE-2011-0192, CVE-2011-0206, CVE-2011-0208, CVE-2011-0216, CVE-2011-0218, CVE-2011-0221, CVE-2011-0222, CVE-2011-0225, CVE-2011-0232, CVE-2011-0233, CVE-2011-0234, CVE-2011-0235, CVE-2011-0238, CVE-2011-0241, CVE-2011-0242, CVE-2011-0254, CVE-2011-0255, CVE-2011-0259, CVE-2011-0981, CVE-2011-0983, CVE-2011-1107, CVE-2011-1109, CVE-2011-1114, CVE-2011-1115, CVE-2011-1117
MD5 | 3e86039d23b7ab5190aefb21af1de575
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs weekly. Specifically, by using a negative integer for the BYWEEKNO property, it is possible to trigger a write operation beyond the bounds of an allocated heap buffer. This can lead to the corruption of memory, and the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2662
MD5 | b37c25b14136941416b0a1e33f2d7d58
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs yearly. When adding a sequence of dates, it is possible to trigger an invalid array indexing vulnerability, and write beyond the bounds of a heap buffer. This can lead to the execution of arbitrary code. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2663
MD5 | 478617bafb33189462d68b2d0098051c
iDefense Security Advisory 09.26.11 - Novell Groupwise Heap Overflow
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs on weekdays. A heap based buffer overflow can be triggered due to the lack of checks to ensure that there is enough space in the buffer to hold all of the RRULE entry data. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4325
MD5 | 915c525f385f16148dfaf4b6acefe3dd
Novell GroupWise Calendar BYWEEKNO Memory Corruption
Posted Sep 28, 2011
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
MD5 | bc4052bb5ae1cf1a84f7ebdc7fcb277b
Page 1 of 4
Back1234Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    2 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close