SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Webcalendar | Webcalendar | 0.9.45 (including) | 0.9.45 (including) |