Family: CGI abuses --> Category: attack
Calendarix SQL Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for multiple vulnerabilities in Calendarix
Detailed Explanation for this Vulnerability Test
The remote host is running Calendarix, a PHP-based calendar system.
The remote version of this software is prone to a remote file include
vulnerability as well as multiple cross-site scripting, and SQL
injection vulnerabilities. Successful exploitation could result in
execution of arbitrary PHP code on the remote site, a compromise of the
application, disclosure or modification of data, or may permit an
attacker to exploit vulnerabilities in the underlying database
See also : http://www.swp-scene.org/?q=node/62
Solution : None at this time.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.