CVE-2008-0490

CVE Database · CVE-2008-0490

CVE-2008-0490

· N/AModified

CVSS v3.1

N/A

EPSS

2.74%

Published

Jan 30, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBWordPress Plugin WP-Cal 0.3 - 'editevent.php' SQL Injection TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

Weaknesses (CWE)

CWE-89

Affected Products (1)

wordpress · wp_cal_pluginvulnerable

References (10)

http://secunia.com/advisories/28683

Vendor Advisory

http://www.securityfocus.com/bid/27465

Exploit

http://www.vupen.com/english/advisories/2008/0348

https://exchange.xforce.ibmcloud.com/vulnerabilities/39966

https://www.exploit-db.com/exploits/4992