Description
SQL injection vulnerability in default.asp in ASP-DEv XM Events Diary allows remote attackers to execute arbitrary SQL commands the cat parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Pouya_Server · textwebappsasp
https://www.exploit-db.com/exploits/32658
References (3)
Core 3
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32809
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33152
Exploit x_refsource_misc
http://packetstormsecurity.org/0812-exploits/aspdevxmdiary-sqldisclose.txt
Scores
EPSS
0.0049
EPSS Percentile
65.4%
Details
CWE
CWE-89
Status
published
Products (1)
asp-dev/xm_events_diary
Published
Jan 21, 2009
Tracked Since
Feb 18, 2026