Family: CGI abuses --> Category: infos
WebCalendar SQL Injection Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Sends a malformed cookie to the remote host
Detailed Explanation for this Vulnerability Test
The remote web server has a PHP script that is affected by a SQL
The remote version of WebCalendar is vulnerable to a SQL injection
vulnerability that may allow a possible hacker to execute arbitrary SQL
statements against the remote database. A possible hacker may be able to
leverage this issue to, for example, delete arbitrary database tables.
See also :
Upgrade to WebCalendar 0.9.5 or later.
Medium / CVSS Base Score : 5
Click HERE for more information and discussions on this network vulnerability scan.