Mateusz Lach

1 exploit Active since Mar 2015
CVE-2015-2196 EXPLOITDB php WORKING POC
Spider Event Calendar 1.4.9 - SQL Injection via cat_id Parameter
SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php.