SecuritySpace - CVE-2007-3627

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2007-3627

Description: Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscribe.php. NOTE: the month.php, year.php, week.php, and day.php vectors are already covered by CVE-2005-4009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Test IDs: 1.3.6.1.4.1.25623.1.0.19749

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2007-3627
BugTraq ID: 14504
http://www.securityfocus.com/bid/14504

CVE ID:	CVE-2007-3627
Description:	Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscribe.php. NOTE: the month.php, year.php, week.php, and day.php vectors are already covered by CVE-2005-4009. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Test IDs:	1.3.6.1.4.1.25623.1.0.19749
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3627 BugTraq ID: 14504 http://www.securityfocus.com/bid/14504