Calogic : Security Vulnerabilities, CVEs, CVSS score >= 7
SQL injection vulnerability in userreg.php in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary SQL commands via the langsel parameter.
Max CVSS
7.5
EPSS Score
0.06%
Published
2008-05-27
Updated
2017-09-29
PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS["CLPath"] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue.
Max CVSS
7.5
EPSS Score
4.27%
Published
2006-05-24
Updated
2017-10-19
PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php.
Max CVSS
7.5
EPSS Score
2.03%
Published
2005-07-19
Updated
2008-09-05
3 vulnerabilities found