2 matches found
CVE-2013-3961
CVE-2013-3961 affects Simple PHP Agenda up to version 2.2.8, where an authenticated user can exploit an SQL injection in edit_event.php via the eventid parameter. The root cause is inadequate input sanitization (relying on mysql_real_escape_string) allowing arbitrary SQL execution and potential d...
Simple PHP Agenda 2.2.8 - 'edit_event.php?eventid' SQL Injection
============================================= WEBERA ALERT ADVISORY 02 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request – 05/06/2013 - CVE Assign – 06/06/2013 - CVE Number – CVE-2013-3961 - Vendor notification – 06/06/2013 - Vendor reply – 10/06/2013 - Public disclosure –...