Lucene search
K

6 matches found

NVD
NVD
added 2026/06/19 5:16 p.m.10 views

CVE-2017-20268

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:11 p.m.6 views

CVE-2017-20268

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/19 4:11 p.m.31 views

CVE-2017-20268 Joomla! Component Zap Calendar Lite 4.3.4 SQL Injection

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 4:11 p.m.6 views

EUVD-2017-18995

Joomla! Component Zap Calendar Lite 4.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'eid' parameter. Attackers can send GET requests to the RSVP plugin endpoint with crafted SQL payloads t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 4:11 p.m.15 views

CVE-2017-20268

The CVE covers Joomla! component Zap Calendar Lite 4.3.4, where an SQL injection via the eid parameter allows unauthenticated attackers to execute arbitrary SQL queries. Attack vectors include sending crafted GET requests to the RSVP endpoint to extract sensitive information, such as database nam...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50949

Name of the Vulnerable Software and Affected Versions Zap Calendar Lite version 4.3.4 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eid parameter. Attackers can send GET requests to the RSVP plugin endpoint t...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References7
Rows per page
Query Builder