Unrated severityNVD Advisory· Published Mar 30, 2005· Updated Jun 16, 2026
CVE-2005-0474
CVE-2005-0474
Description
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:webcalendar:webcalendar:0.9.45:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:webcalendar:webcalendar:0.9.45:*:*:*:*:*:*:*
- (no CPE)range: <=0.9.45
Patches
Vulnerability mechanics
References
6- secunia.com/advisories/14319nvdPatchVendor Advisory
- www.scovettalabs.com/advisory/SCL-2005.001.txtnvdExploitPatchVendor Advisory
- marc.infonvd
- securitytracker.com/idnvd
- www.osvdb.org/13918nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/19369nvd
News mentions
0No linked articles in our index yet.