Unrated severityNVD Advisory· Published Nov 20, 2006· Updated Apr 23, 2026
CVE-2006-5977
CVE-2006-5977
Description
Multiple SQL injection vulnerabilities in MultiCalendars allow remote attackers to execute arbitrary SQL commands via the (1) M or (2) Y parameter to rss_out.asp, or the (3) cate parameter to all_calendars.asp. NOTE: the all_calendars.asp/calsids vector is already covered by CVE-2006-2293.
Affected products
1- cpe:2.3:a:expinion.net:multicalendars:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.