CVE-2015-2196

2015-03-03T14:59:02
ID CVE-2015-2196
Type cve
Reporter NVD
Modified 2015-03-04T14:11:55

Description

SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php.