Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection MetaCart e-Shop [multiples injection sql (get & post)] E-commerce Kit 1 PayPal Edition [ injection sql ] TorrentFlux 2.2 Arbitrary File Creation/Overwrite/De letion & Command Execution Vulnerablities From:laurent gaffié <saps.audit_(at)_gmail.com> Date:16.11.2006Subject:MultiCalendars [ multiples injection sql ]vendor site:http://www.expinion.net/ product:MultiCalendars bug:injection sql risk:medium injection sql (get) http://site.com/rss_out.asp?ID=1&MODE=1&M='[sql] http://site.com/rss_out.asp?ID=1&MODE=1&M=10&Y='[sql] http://site.com/all_calendars.asp?month=11&year=2006&cate='[sql] http://site.com/all_calendars.asp?month=11&year=2006&cate=&ID=&cT YPE=2&calsids='[sql] laurent gaffie & benjamin mosse http://s-a-p.ca/ contact: saps.audit@gmail.com
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Xtreme ASP Photo Gallery Cross Site Scripting And SQL Injection
MetaCart e-Shop [multiples injection sql (get & post)]
E-commerce Kit 1 PayPal Edition [ injection sql ]
TorrentFlux 2.2 Arbitrary File Creation/Overwrite/De letion & Command Execution Vulnerablities
