Multiple SQL injection vulnerabilities in Calendarix allow remote malicious users to execute arbitrary SQL commands via (1) the catview parameter in cal_functions.inc.php and (2) the login parameter in cal_login.php. NOTE: the catview vector might overlap CVE-2005-1865.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vincent hor calendarix 0.6.2005-08-30 |