Vulnerability Details CVE-2007-5187
SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/38593
- http://www.securityfocus.com/bid/25876
- http://www.vupen.com/english/advisories/2007/3331
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36904
- https://www.exploit-db.com/exploits/4475
- http://osvdb.org/38593
- http://www.securityfocus.com/bid/25876
- http://www.vupen.com/english/advisories/2007/3331
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36904
- https://www.exploit-db.com/exploits/4475
Products affected by CVE-2007-5187
-
cpe:2.3:a:php-fusion:expanded_calendar_module:2.01