cpe:/a:php-fusion:expanded_calendar_module:2.01 cpe:/a:php-fusion:php-fusion CVE-2007-5187 2007-10-03T10:17:00.000-04:00 2017-09-28T21:29:31.157-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-10-03T20:31:00.000-04:00 BID 25876 OSVDB 38593 EXPLOIT-DB 4475 VUPEN ADV-2007-3331 XF phpfusion-expanded-calendar-sql-injection(36904) SQL injection vulnerability in infusions/calendar_events_panel/show_single.php in the Expanded Calendar 2.x module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the sel parameter.