Multiple SQL injection vulnerabilities in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla!, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via (1) the gigcal_venues_id parameter in a details action to index.php, which is not properly handled by venuedetails.php, and (2) the gigcal_bands_id parameter in a details action to index.php, which is not properly handled by banddetails.php, different vectors than CVE-2009-0726.
com_gigcalendar
Vendor: gigcalendar
Actively Exploited (CISA KEV List): 0
PoC / Exploits (Code Available): 2
Total RCEs (Remote Access): 0
Total CVEs (Total Indexed): 2
Avg. EPSS (Exploit Prob.): 0.55%
Security Vulnerability Index
CVSS: 6.8
CVE-2009-0730
Exploit Found
Severity: MEDIUM
CVSS: 7.5
CVE-2009-0726
Exploit Found
SQL injection vulnerability in the GigCalendar (com_gigcal) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the gigcal_gigs_id parameter in a details action to index.php.
Severity: HIGH