cpe:/a:coldgen:coldcalendar:2.06 CVE-2010-4910 2011-10-08T06:55:07.473-04:00 2017-08-28T21:29:06.830-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-10-10T09:26:00.000-04:00 EXPLOIT-DB 14932 SECUNIA 41333 BID 43035 SREASON 8445 XF coldcalendar-index-sql-injection(61637) MISC http://packetstormsecurity.org/1009-exploits/coldcalendar-sql.txt SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action.