Nodstrum : Security Vulnerabilities, CVEs,
Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
4.63%
Published
2008-12-26
Updated
2017-09-29
SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
Max CVSS
7.5
EPSS Score
0.12%
Published
2008-12-26
Updated
2017-09-29
2 vulnerabilities found