cpe:/a:wordpress:wp_cal_plugin:0.3 CVE-2008-0490 2008-01-30T17:00:00.000-05:00 2017-09-28T21:30:18.473-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-01-30T17:45:00.000-05:00 ALLOWS_USER_ACCESS BID 27465 SECUNIA 28683 EXPLOIT-DB 4992 VUPEN ADV-2008-0348 XF wpcal-editevent-sql-injection(39966) SQL injection vulnerability in functions/editevent.php in the WP-Cal 0.3 plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.