Описание
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.2-2.1 |
| devel | released | 1.0.2-2.1 |
| edgy | released | 1.0.2-2.1 |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 67%
0.00561
Низкий
6.4 Medium
CVSS2
Связанные уязвимости
nvd
больше 20 лет назад
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
debian
больше 20 лет назад
SQL injection vulnerability in the user_valid_crypt function in user.p ...
github
больше 3 лет назад
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
EPSS
Процентиль: 67%
0.00561
Низкий
6.4 Medium
CVSS2