CVE-2005-0474
Publication date 30 March 2005
Last updated 24 July 2024
Ubuntu priority
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.