1 results (0.012 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-0490 – WP-Cal <= 0.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-0490
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en functions/ editevent.php en el plugin WP-Cal 0.3 para WordPress permite a atacantes remotos ejecutar comandos arbitrarios de SQL a través del parámetro id. • https://www.exploit-db.com/exploits/4992 http://secunia.com/advisories/28683 http://www.securityfocus.com/bid/27465 http://www.vupen.com/english/advisories/2008/0348 https://exchange.xforce.ibmcloud.com/vulnerabilities/39966 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •