Описание
SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. NOTE: the startid/activity_log.php vector is already covered by CVE-2005-3949.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.2-2.1 |
| devel | released | 1.0.2-2.1 |
| edgy | released | 1.0.2-2.1 |
| feisty | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. NOTE: the startid/activity_log.php vector is already covered by CVE-2005-3949.
SQL injection vulnerability in WebCalendar 1.0.1 allows remote attacke ...
SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. NOTE: the startid/activity_log.php vector is already covered by CVE-2005-3949.
EPSS
7.5 High
CVSS2