CVE-2014-8586 – Calendar Event Multi View < 1.0.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2014-8586
SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.01 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter. Vulnerabilidad de inyección SQL en el plugin CP Multi View Event Calendar 1.01 para WordPress permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro calid. SQL injection vulnerability in the CP Multi View Event Calendar plugin 1.0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the calid parameter. • https://www.exploit-db.com/exploits/35073 http://osvdb.org/show/osvdb/113670 http://packetstormsecurity.com/files/128814/WordPress-CP-Multi-View-Event-Calendar-1.01-SQL-Injection.html http://www.exploit-db.com/exploits/35073 http://www.securityfocus.com/bid/70718 https://exchange.xforce.ibmcloud.com/vulnerabilities/97766 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •