Vulnerabilities > PHP Fusion > Expanded Calendar Module

DATE CVE VULNERABILITY TITLE RISK
2007-10-03 CVE-2007-5187 SQL Injection vulnerability in PHP-Fusion Expanded Calendar Module and PHP-Fusion
SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter.
network
low complexity
php-fusion CWE-89
7.5
7.5
2007-04-03 CVE-2007-1845 SQL Injection vulnerability in PHP Fusion Expanded Calendar Module 2.0
SQL injection vulnerability in show_event.php in the Expanded Calendar (calendar_panel) 2.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the m_month parameter.
network
low complexity
php-fusion
7.5
7.5