Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in dex_reservations.php in the CP Reservation Calendar plugin before 1.1.7 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a dex_reservations_calendar_load2 action or (2) dex_item parameter in a dex_reservations_check_posted_data action in a request to the default URI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress CP Reservation Calendar插件SQL注入漏洞
Vulnerability Description
WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。CP Reservation Calendar是其中的一个事件日历插件。 WordPress CP Reservation Calendar插件1.1.7版本的dex_reservations.php脚本中存在SQL注入漏洞,该漏洞源于程序没有充分过滤dex_reservations_calendar_load2操作中的‘id’参数和dex_reservations
CVSS Information
N/A
Vulnerability Type
N/A