Category:   Application (Calendar)  >   PHP Event Calendar
PHP Event Calendar (ltwCalendar) Missing Input Validation in 'id' Parameter Permits SQL Injection Attacks
SecurityTracker Alert ID:  1016364
SecurityTracker URL:
CVE Reference:   CVE-2005-4011
Updated:  Jun 29 2006
Original Entry Date:  Jun 23 2006
Impact:   Disclosure of system information, Disclosure of user information, User access via network

Version(s): 4.2
Description:   A vulnerability was reported in PHP Event Calendar. A remote user can inject SQL commands.

The 'calendar.php' script does not properly validate user-supplied input in the 'id' parameter. A remote user can supply a specially crafted parameter value to execute SQL commands on the underlying database.
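As an added illustration, not ltwCalendar's own code (the advisory does not reproduce the vulnerable source), the PHP below shows the class of defect described, a raw 'id' value concatenated into a query, next to a hardened lookup that validates the parameter as a positive integer and binds it through a PDO prepared statement. The table and column names (events, id, title, start_date), the function names and the sample rows are assumptions constructed for the example.

```php
<?php
// Added example, not ltwCalendar's actual source. It assumes the calendar
// looks up one event row by the 'id' query parameter; the table and column
// names below are assumptions.

declare(strict_types=1);

// Vulnerable pattern (the defect class in the advisory): the 'id' value
// from the query string is pasted straight into the SQL text, so whatever
// the client sends is parsed as part of the statement.
function fetchEventUnsafe(PDO $db, array $query): ?array
{
    $id  = $query['id'] ?? '';
    $sql = "SELECT id, title, start_date FROM events WHERE id = " . $id;
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened version, step 1: accept only a positive integer literal.
// filter_var() with FILTER_VALIDATE_INT returns false for anything that is
// not an integer (empty strings, letters, operators, quotes), and min_range
// additionally rejects zero and negatives.
function validateEventId(mixed $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Hardened version, step 2: bind the validated integer through a prepared
// statement so the value travels as data, never as SQL text.
function fetchEventSafe(PDO $db, array $query): ?array
{
    $id = validateEventId($query['id'] ?? null);
    if ($id === null) {
        return null; // caller should answer 400/404 and must not echo the raw input
    }
    $stmt = $db->prepare('SELECT id, title, start_date FROM events WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Self-contained run against an in-memory SQLite database with constructed
// sample rows (needs the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT, start_date TEXT)');
$db->exec("INSERT INTO events VALUES (1, 'Team meeting', '2006-06-23'),
                                     (2, 'Private review', '2006-06-30')");

// A well-formed request: the hardened path returns the row.
$row = fetchEventSafe($db, ['display' => 'event', 'id' => '1']);
echo $row['title'], PHP_EOL;                        // Team meeting

// Malformed 'id' values are refused before any SQL is built.
foreach (['', 'abc', '1 OR 1=1', '-5', "1'"] as $bad) {
    $result = fetchEventSafe($db, ['display' => 'event', 'id' => $bad]);
    printf("%-10s -> %s\n", var_export($bad, true), $result === null ? 'rejected' : 'row');
}
```

The integer cast alone would also have closed this particular hole, but validating with filter_var() and binding with a typed parameter is the habit worth adopting across the application, since it also covers parameters that are not numeric.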

A demonstration exploit URL is of the following form:


Silitix reported this vulnerability.

This product is also called 'ltwCalendar'.

[Editor's note: This vulnerability was originally reported by r0t in November 2005 as affecting ltwCalendar version 4.1.3 (see CVE-2005-4011).]

Impact:   A remote user can execute SQL commands on the underlying database.
Solution:   No solution was available at the time of this entry.
Vendor URL:
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

Source Message Contents

Subject:  [Full-disclosure] Calendar ( Provided by Codewalkers ) - SQL

[P]roduct : Calendar
            Provided by Codewalkers

[O]fficial site :

[V]ulnerability : SQL Injection

[E]xploitation : /calendar.php?display=event&id=[SQL]

[C]redit : Silitix -

[O]riginal security advisory :

[G]reetz : Simo64 / MSRT / VeNoM630 / CrAsH_oVeR_rIdE ... :)


