SQL injection vulnerability in PostCalendar 4.0.0 allows remote malicious users to execute arbitrary SQL commands via search queries.
postnuke software foundation postcalendar 4.0.0