Vulnerabilities > A4Desk
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-10 | CVE-2008-6104 | SQL Injection vulnerability in A4Desk Flash Event Calendar SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php. | 7.5 |
2009-02-10 | CVE-2008-6103 | Code Injection vulnerability in A4Desk Flash Event Calendar PHP remote file inclusion vulnerability in index.php in A4Desk Event Calendar, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the v parameter. | 6.8 |