漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal _venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726.
漏洞信息
N/A
漏洞
N/A
漏洞
Gigcalendar SQL注入漏洞
漏洞信息
gigCalendar是一个免费的为维护网站旅游日志的的Joomla! and Mambo组件。 Mambo和Joomla! GigCalendar (com_gigcal)组件中存在多个SQL注入漏洞,当magic_quotes_gpc被中止时,远程攻击者(1)可以借助对index.php的一个细节操作的gigcal _venues_id参数,且该参数没有经过venuedetails.php适当地处理,以执行任意SQL指令;(2)借助对index.php的一个细节操作中igcal_bands_id参数,
漏洞信息
N/A
漏洞
N/A