1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2017-17616 – Event Calendar Category Script 1.0 - 'city' SQL Injection
https://notcve.org/view.php?id=CVE-2017-17616
Event Search Script 1.0 has SQL Injection via the /event-list city parameter. Event Search Script 1.0 tiene una inyección SQL mediante el parámetro city en /event-list. • https://www.exploit-db.com/exploits/43279 https://packetstormsecurity.com/files/145306/Event-Search-Script-1.0-SQL-Injection.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •