CVE-2009-4973 (totalcalendar)
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action.
Bringing security awareness to the masses
Search this site
Categories
Recommended Sites
Pages
US-CERT Vulnerability Notes
- VU#204055: Blackboard Transact database credentials disclosure
- VU#707943: Microsoft Windows based applications may insecurely load dynamic libraries
- VU#644319: Ghostscript Heap Corruption in TrueType bytecode interpreter
- VU#278785: DevonIT weak authentication and buffer overflow in /usr/bin/tm-console-bin
- VU#320233: Wyse ThinOS LPD service buffer overflow vulnerability
Cyber Security Alerts
Google Search
Blogroll
Under Construction