Vulnerability Details CVE-2008-6038
SQL injection vulnerability in index.php in MapCal 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter in an editevent action, possibly related to dsp_editevent.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://0x90.com.ar/Advisory/20080920-2.txt
- http://www.securityfocus.com/archive/1/496576/100/0/threaded
- http://www.securityfocus.com/bid/31304
- http://www.vupen.com/english/advisories/2008/2647
- http://0x90.com.ar/Advisory/20080920-2.txt
- http://www.securityfocus.com/archive/1/496576/100/0/threaded
- http://www.securityfocus.com/bid/31304
- http://www.vupen.com/english/advisories/2008/2647