CVE-2005-0474

Publication date

2005-02-19 05:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.