Sql injection

2015-03-0319:59:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.1%

JSON

SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php.

CPENameOperatorVersion
spider_calendareq1.4.9

CPE	Name	Operator	Version
	spider_calendar	eq	1.4.9

References

www.exploit-db.com/exploits/36061