CVE-2006-5977
CVE-2006-5977 describes multiple SQL injection vulnerabilities in MultiCalendars, allowing remote attackers to execute arbitrary SQL commands via (1) M or (2) Y in rss_out.asp, or (3) cate in all_calendars.asp. The vector all_calendars.asp/calsids is already covered by CVE-2006-2293. Affected pro...