Critical severity9.8NVD Advisory· Published Nov 20, 2023· Updated Jun 17, 2026
CVE-2023-46700
CVE-2023-46700
Description
SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <5.2.4M (MySQL), <5.2.4L (SQLite)
<5.2.4M (MySQL), <5.2.4L (SQLite)+ 1 more
- (no CPE)range: <5.2.4M (MySQL), <5.2.4L (SQLite)
- (no CPE)range: prior to 5.2.4L (SQLite version)
Patches
Vulnerability mechanics
References
4- jvn.jp/en/jp/JVN15005948/nvdThird Party Advisory
- www.luxsoft.eunvdProduct
- www.luxsoft.eunvdRelease Notes
- www.luxsoft.eu/lcforum/viewtopic.phpnvdIssue Tracking
News mentions
0No linked articles in our index yet.