Vulnerability Details CVE-2008-0490
SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/28683
- http://www.securityfocus.com/bid/27465
- http://www.vupen.com/english/advisories/2008/0348
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39966
- https://www.exploit-db.com/exploits/4992
- http://secunia.com/advisories/28683
- http://www.securityfocus.com/bid/27465
- http://www.vupen.com/english/advisories/2008/0348
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39966
- https://www.exploit-db.com/exploits/4992
Products affected by CVE-2008-0490
-
cpe:2.3:a:wordpress:wp_cal_plugin:0.3