CVE-2008-3452 Information

Description

SQL injection vulnerability in the Calendar module in eNdonesia 8.4 allows remote attackers to execute arbitrary SQL commands via the loc_id parameter in a list_events action to mod.php.

Reference

http://securityreason.com/securityalert/4104 http://www.securityfocus.com/bid/30457 https://exchange.xforce.ibmcloud.com/vulnerabilities/44115 https://www.exploit-db.com/exploits/6171