SQL injection vulnerability in load-calendar.php in PHPJabbers Event Booking Calendar 2.0 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
High
Date | CVE | Title | CVSS |
---|---|---|---|
2015-01-13 | CVE-2014-10014 | Cross-Site Request Forgery (CSRF) vulnerability in PHPjabbers Event Booking Calendar 2.0 | 6.8 |