CVE-2008-1344
MyioSoft EasyCalendar 4.0tr and earlier are affected by SQL injection in two vectors: (1) year parameter in dayview action to plugins/calendar/calendar_backend.php and (2) page parameter to ajaxp_backend.php. Remote attackers can execute arbitrary SQL commands. Affected software/versions are not ...