Description
SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Exploits (1)
References (1)
Core 1
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/124753/eventbookingcalendar-xssxsrfsql.txt
Scores
EPSS
0.0213
EPSS Percentile
84.2%
Details
CWE
CWE-89
Status
published
Products (1)
phpjabbers/event_booking_calendar
2.0
Published
Jan 13, 2015
Tracked Since
Feb 18, 2026