SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpwebsite | Phpwebsite | * | 0.9.0 (including) |