The exploit demonstrates a SQL injection vulnerability in Event Calendar PHP 1.5 via the 'cal_id' parameter in multiple admin.php endpoints. The provided payload confirms the vulnerability by triggering an SQL error, indicating successful injection.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Event Calendar PHP 1.5
Auth required
Prerequisites:Access to the admin.php endpoints · Valid session or authentication to the admin panel