Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated by the /server/ajax/user_manager.php username parameter. This can be used to execute SQL statements directly on the database, allowing an adversary in some cases to completely compromise the database system. It can also be used to bypass the login form.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP Event Calendar SQL注入漏洞
Vulnerability Description
PHP Event Calendar是开源的一个基于 AJAX 的多用户现代事件日历。它易于集成和完全可定制。 PHP Event Calendar Lite Edition 存在安全漏洞,该漏洞允许绕过身份验证的攻击者进行远程 SQL 注入。
CVSS Information
N/A
Vulnerability Type
N/A