cpe:/a:nodstrum:mysql_calendar:1.1 cpe:/a:nodstrum:mysql_calendar:1.2 CVE-2008-5737 2008-12-26T13:30:03.483-05:00 2017-09-28T21:32:46.433-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-12-29T14:56:00.000-05:00 ALLOWS_OTHER_ACCESS BID 32978 SECUNIA 33266 SREASON 4815 OSVDB 50892 EXPLOIT-DB 7551 XF mysqlcalendar-index-sql-injection(47544) SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.