SQL injection vulnerability in viewevent.php in myEvent 1.6 allows remote attackers to execute arbitrary SQL commands via the eventdate parameter.
Max CVSS
7.5
EPSS Score
0.11%
Published
2008-10-22
Updated
2017-09-29
PHP remote file inclusion vulnerability in includes/template.php in MyEvent 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter. NOTE: a reliable third party disputes this issue, saying "the entire file is a class.
Max CVSS
7.5
EPSS Score
0.99%
Published
2007-06-22
Updated
2024-04-11
2 vulnerabilities found