CVE-2024-6009

A vulnerability has been found in itsourcecode Event Calendar 1.0 and classified as critical. Affected by this vulnerability is the function regConfirm/regDelete of the file process.php. The manipulation of the argument userId leads to sql injection. The attack can be launched remotely. The explo...

CVE-2024-6009

CVE-2024-6009 affects itsourcecode Event Calendar 1.0. The vulnerability resides in regConfirm/regDelete in process.php, where manipulating the userId parameter enables SQL injection. Exploitation is remote and the vulnerability has been publicly disclosed. Mitigations documented in connected sou...

PHP Event Calendar SQL Injection Vulnerability

PHP Event Calendar is open source a multi-user modern event calendar based on AJAX. It is easy to integrate and fully customizable. A SQL injection vulnerability exists in PHP Event Calendar version 1.0, which stems from a security issue in the regConfirm/regDelete function of process.php, which...

PT-2024-37312 · Itsourcecode · Itsourcecode Event Calendar

Name of the Vulnerable Software and Affected Versions: itsourcecode Event Calendar version 1.0 Description: A critical issue has been found in the function regConfirm/regDelete of the file process.php. The manipulation of the userId argument leads to SQL injection. The attack can be launched...