SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php.
References
Configurations
History
No history.
Information
Published : 2009-02-10 18:30
Updated : 2025-04-09 00:30
NVD link : CVE-2008-6104
Mitre link : CVE-2008-6104
CVE.ORG link : CVE-2008-6104
JSON object : View
Products Affected
a4desk
- a4desk_flash_event_calendar
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')