Event Manager
Monthly
SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.