Sql injection

2007-11-2901:46:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.3%

JSON

Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) loginname (aka Username) and (2) loginpass (aka Password) parameters to caladmin.php.

CPENameOperatorVersion
proverbs_web_calendareq1.1

CPE	Name	Operator	Version
	proverbs_web_calendar	eq	1.1

References

securityreason.com/securityalert/3401

www.securityfocus.com/archive/1/484193/100/0/threaded

www.securityfocus.com/bid/26584

exchange.xforce.ibmcloud.com/vulnerabilities/38628