Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the user_name parameter (aka user field) to admin/index.php, (2) the user_pass parameter (aka pass field) to admin/index.php, or (3) the id parameter to calendar_details.php. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Develop It Easy Event Calendar 'admin/index.php'多个SQL注入漏洞
Vulnerability Description
DevelopItEasy Events Calendar 1.2版本存在多个SQL注入漏洞。远程攻击者可以借助到admin/index.php的(1)用户名参数(又称用户字段),到dmin/index.php的(2)用户密码参数(又称密码字段)或到calendar_details.php的(3)id参数,执行任意的SQL指令。
CVSS Information
N/A
Vulnerability Type
N/A