Unrated severityNVD Advisory· Published Sep 14, 2005· Updated Jun 16, 2026
CVE-2005-2880
CVE-2005-2880
Description
Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via the (1) login field in login.php or (2) LocationID parameter to week.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:phpcommunitycalendar:phpcommunitycalendar:4.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:phpcommunitycalendar:phpcommunitycalendar:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpcommunitycalendar:phpcommunitycalendar:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpcommunitycalendar:phpcommunitycalendar:4.0.3:*:*:*:*:*:*:*
- (no CPE)range: <=4.0.3
Patches
Vulnerability mechanics
References
5- rgod.altervista.org/phpccal.htmlnvdExploitVendor Advisory
- www.securityfocus.com/bid/14763nvdExploit
- secunia.com/advisories/16721/nvdVendor Advisory
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/22175nvd
News mentions
0No linked articles in our index yet.