Published: 04/11/2014 Updated: 08/09/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Cp Multi View Event Calendar Project

SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote malicious users to execute arbitrary SQL commands via the calid parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cp multi view event calendar project cp multi view event calendar 1.0.1

###################### # Exploit Title : CP Multi View Event Calendar 101 SQL Injection Vulnerability # Exploit Author : Claudio Viviani # Software Link : downloadswordpressorg/plugin/cp-multi-view-calendarzip # Date : 2014-10-23 # Tested on : Windows 7 / Mozilla Firefox Windows 7 / sqlmap (08-1) Linux ...

CWE-89 http://packetstormsecurity.com/files/128814/WordPress-CP-Multi-View-Event-Calendar-1.01-SQL-Injection.html http://www.securityfocus.com/bid/70718 http://www.exploit-db.com/exploits/35073 http://osvdb.org/show/osvdb/113670 https://exchange.xforce.ibmcloud.com/vulnerabilities/97766 https://nvd.nist.gov https://www.exploit-db.com/exploits/35073/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-8586

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect