CVE-2021-42077
CVE-2021-42077 affects PHP Event Calendar Lite edition prior to 2021-09-03. Multiple connected sources confirm an SQL injection vulnerability exploitable via the /server/ajax/user_manager.php username parameter, enabling execution of arbitrary SQL and, in some cases, bypassing login. The issue is...