Description
SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/48499
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2648
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6508
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31278
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31779
Scores
EPSS
0.0044
EPSS Percentile
63.0%
Details
CWE
CWE-89
Status
published
Products (1)
mevin/basic-php-events-lister
1.0
Published
Mar 13, 2009
Tracked Since
Feb 18, 2026