VULHUB ™

WebCalendar is affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. This vulnerability is reported to affect WebCalendar 0.9.45; earlier versions may also be affected. The vendor has addressed this issue in WebCalendar 1.0RC1 and later.

WebCalendar is affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. This vulnerability is reported to affect WebCalendar 0.9.45; earlier versions may also be affected. The vendor has addressed this issue in WebCalendar 1.0RC1 and later.