cbcvebase.
CVE-2009-1945
published 2009-06-05

CVE-2009-1945: SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.

PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.01%
58.6th percentile
SQL injection vulnerability in webCal3_detail.asp in WebCal 3.04 allows remote attackers to execute arbitrary SQL commands via the event_id parameter.

Affected

9 ranges
VendorProductVersion rangeFixed in
linuxlinux_kernel>= 2.6.35 < 5.4.3015.4.301
linuxlinux_kernel>= 5.11.0 < 5.15.1955.15.195
linuxlinux_kernel>= 5.16.0 < 6.1.1566.1.156
linuxlinux_kernel>= 5.5.0 < 5.10.2465.10.246
linuxlinux_kernel>= 6.13.0 < 6.16.116.16.11
linuxlinux_kernel>= 6.17.0 < 6.17.16.17.1
linuxlinux_kernel>= 6.2.0 < 6.6.1106.6.110
linuxlinux_kernel>= 6.7.0 < 6.12.516.12.51
tzowebcal

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat7.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.