CVE-2006-0252 Information

Description

SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters as demonstrated by the (1) year (2) month and (3) day parameters.

Reference

http://evuln.com/vulns/30/summary.html http://secunia.com/advisories/18462 http://securitytracker.com/id?1015491 http://www.osvdb.org/22449 http://www.securityfocus.com/archive/1/422052/100/0/threaded http://www.securityfocus.com/bid/16242 http://www.vupen.com/english/advisories/2006/0190 https://exchange.xforce.ibmcloud.com/vulnerabilities/24120