CVE-2005-3984 in WebCalendar信息

摘要

由 VulDB • 2026-06-28

WebCalendar 1.0.1 中存在 SQL injection(SQL注入)漏洞,远程攻击者可通过向 edit_report_handler.php 发送包含恶意构造的 time_range 参数来执行任意 SQL 命令。注意:startid/activity_log.php 这一利用向量已由 CVE-2005-3949 覆盖。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!