CVE-2008-5654 Information

Description

SQL injection vulnerability in the loginADP function in ajaxp.php in MyioSoft EasyCalendar 4.0 allows remote attackers to execute arbitrary SQL commands via the rsargs parameter as reachable through the username parameter a different vector than CVE-2008-1344. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/49702 http://secunia.com/advisories/32673 http://www.securityfocus.com/bid/32199 https://exchange.xforce.ibmcloud.com/vulnerabilities/46448 https://www.exploit-db.com/exploits/7046