VYPR
Unrated severityNVD Advisory· Published May 3, 2005· Updated Jun 16, 2026

CVE-2005-1397

CVE-2005-1397

Description

SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Affected products

12
  • cpe:2.3:a:php-calendar:php-calendar:0.1:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:php-calendar:php-calendar:0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:php-calendar:php-calendar:0.9.1:*:*:*:*:*:*:*
    • (no CPE)range: <0.10.3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.