SQL Injection in Phpjabbers Event_booking_calendar
CVE-2014-10015
SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Vulnerability class: SQL Injection
EPSS: 0.012 (65.3th percentile) — read the EPSS interpretation.
Affected products
- Phpjabbers Event_booking_calendar — versions 2.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Exploit, x_refsource_MISC)