Vulnerabilities > John GEO > Freelancer Calendar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-23 | CVE-2011-5109 | SQL Injection vulnerability in John GEO Freelancer Calendar 1.01 Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the SearchField parameter in a search action to (1) category_list.php, (2) Copy_of_calendar_list.php, (3) customer_statistics_list.php, (4) customer_list.php, and (5) task_statistics_list.php in the worldcalendar directory. | 7.5 |