Nodstrum Mysql Calendar vulnerabilities
2 known vulnerabilities affecting nodstrum/mysql_calendar.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2008-5738P3HIGHCVSS 7.5PoCv1.1v1.22008-12-26
CVE-2008-5738 [HIGH] CWE-264 CVE-2008-5738: Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain admini
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
nvd
CVE-2008-5737P3HIGHCVSS 7.5PoCv1.1v1.22008-12-26
CVE-2008-5737 [HIGH] CWE-89 CVE-2008-5737: SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attack
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
nvd