CVE-2005-0474

2005-03-30T05:00:00
ID CVE-2005-0474
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:32:00

Description

SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.