CVE-2007-6158 Information

Description

Multiple SQL injection vulnerabilities in caladmin.inc.php in Proverbs Web Calendar 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) loginname (aka Username) and (2) loginpass (aka Password) parameters to caladmin.php.

Reference

http://securityreason.com/securityalert/3401 http://www.securityfocus.com/archive/1/484193/100/0/threaded http://www.securityfocus.com/bid/26584 https://exchange.xforce.ibmcloud.com/vulnerabilities/38628