CVE-2008-6104 Information

Description

SQL injection vulnerability in A4Desk PHP Event Calendar allows remote attackers to execute arbitrary SQL commands via the eventid parameter to admin/index.php.

Reference

http://packetstorm.linuxsecurity.com/0810-exploits/a4desk-sqldisclose.txt http://secunia.com/advisories/32083 http://www.securityfocus.com/bid/33835