CVE-2005-4008

2005-12-0511:00:00

mitre

www.cve.org

AI Score

8.4

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter, and possibly the (2) Y and (3) m parameters.

References

pridels0.blogspot.com/2005/11/jax-calendar-134-vuln.html

www.osvdb.org/21406

www.securityfocus.com/bid/16130