CVE-2005-4008 Information

Description

SQL injection vulnerability in jax_calendar.php in Jax Calendar 1.34 allows remote attackers to execute arbitrary SQL commands via the (1) cal_id parameter and possibly the (2) Y and (3) m parameters.

Reference

http://pridels0.blogspot.com/2005/11/jax-calendar-134-vuln.html http://www.osvdb.org/21406 http://www.securityfocus.com/bid/16130