Benson It Solutions » 1webcalendar : Security Vulnerabilities, CVEs, Published In 2006 (Sql injection)
Multiple SQL injection vulnerabilities in 1WebCalendar 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) EventID parameter in viewEvent.cfm, (2) NewsID parameter in newsView.cfm, or (3) ThisDate parameter in mainCal.cfm.
Max CVSS
5.0
EPSS Score
1.05%
Published
2006-03-24
Updated
2017-07-20
1 vulnerabilities found