VYPR

Expanded Calendar Module

by PHP-Fusion

CVEs (2)

  • CVE-2007-5187Oct 3, 2007
    risk 0.03cvss epss 0.04

    SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter.

  • CVE-2007-1845Apr 3, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the m_month parameter.