ID de Prueba:	1.3.6.1.4.1.25623.1.0.18410
Categoría:	Web application abuses
Título:	Calendarix Advanced <= 1.5 Multiple Vulnerabilities - Active Check
Resumen:	Calendarix is prone to multiple vulnerabilities.
Descripción:	Summary: Calendarix is prone to multiple vulnerabilities. Vulnerability Insight: The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities. Vulnerability Impact: Successful exploitation could result in execution of arbitrary PHP code on the remote site, a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Affected Software/OS: Calendarix Advanced versions 1.5 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1864 Bugtraq: 20050531 multiple vulnerability Calendarix Advanced (Google Search) http://archives.neohapsis.com/archives/bugtraq/2005-05/0356.html http://securitytracker.com/alerts/2005/May/1014083.html Common Vulnerability Exposure (CVE) ID: CVE-2005-1865 http://www.osvdb.org/16971 http://www.osvdb.org/16972 http://www.osvdb.org/16974 http://www.osvdb.org/16975 http://secunia.com/advisories/15569 Common Vulnerability Exposure (CVE) ID: CVE-2005-1866 http://www.osvdb.org/16973
Copyright	Copyright (C) 2005 Josh Zlatin-Amishav

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.