Search
Find a vulnerability
Search criteria
4 vulnerabilities found for eventr by eventr_project
CVE-2017-1002019 (GCVE-0-2017-1002019)
Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-09-16 20:32
VLAI
EPSS
VEX
Summary
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/eventr/ | x_refsource_MISC |
| http://www.vapidlabs.com/advisory.php?v=192 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eventr",
"vendor": "Binny V A",
"versions": [
{
"lessThan": "1.02.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2017-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-14T13:00:00.000Z",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2017-05-21",
"ID": "CVE-2017-1002019",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eventr",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.02.2"
}
]
}
}
]
},
"vendor_name": "Binny V A"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/eventr/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/eventr/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=192",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2017-1002019",
"datePublished": "2017-09-14T13:00:00.000Z",
"dateReserved": "2017-09-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:32:31.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1002018 (GCVE-0-2017-1002018)
Vulnerability from nvd – Published: 2017-09-14 13:00 – Updated: 2024-09-16 23:56
VLAI
EPSS
VEX
Summary
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/eventr/ | x_refsource_MISC |
| http://www.vapidlabs.com/advisory.php?v=192 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eventr",
"vendor": "Binny V A",
"versions": [
{
"lessThan": "1.02.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2017-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-14T13:00:00.000Z",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2017-05-21",
"ID": "CVE-2017-1002018",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eventr",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.02.2"
}
]
}
}
]
},
"vendor_name": "Binny V A"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/eventr/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/eventr/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=192",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2017-1002018",
"datePublished": "2017-09-14T13:00:00.000Z",
"dateReserved": "2017-09-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:56:37.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1002018 (GCVE-0-2017-1002018)
Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-09-16 23:56
VLAI
EPSS
VEX
Summary
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/eventr/ | x_refsource_MISC |
| http://www.vapidlabs.com/advisory.php?v=192 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eventr",
"vendor": "Binny V A",
"versions": [
{
"lessThan": "1.02.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2017-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-14T13:00:00.000Z",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2017-05-21",
"ID": "CVE-2017-1002018",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eventr",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.02.2"
}
]
}
}
]
},
"vendor_name": "Binny V A"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/eventr/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/eventr/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=192",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2017-1002018",
"datePublished": "2017-09-14T13:00:00.000Z",
"dateReserved": "2017-09-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:56:37.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1002019 (GCVE-0-2017-1002019)
Vulnerability from cvelistv5 – Published: 2017-09-14 13:00 – Updated: 2024-09-16 20:32
VLAI
EPSS
VEX
Summary
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wordpress.org/plugins/eventr/ | x_refsource_MISC |
| http://www.vapidlabs.com/advisory.php?v=192 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "eventr",
"vendor": "Binny V A",
"versions": [
{
"lessThan": "1.02.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2017-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-14T13:00:00.000Z",
"orgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"shortName": "larry_cashdollar"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wordpress.org/plugins/eventr/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED": "2017-05-21",
"ID": "CVE-2017-1002019",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC",
"UPDATED": "2017-08-10T14:41Z"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eventr",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.02.2"
}
]
}
}
]
},
"vendor_name": "Binny V A"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/eventr/",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/eventr/"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=192",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=192"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "461b2335-328f-427d-ae3d-eff7d6814455",
"assignerShortName": "larry_cashdollar",
"cveId": "CVE-2017-1002019",
"datePublished": "2017-09-14T13:00:00.000Z",
"dateReserved": "2017-09-14T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:32:31.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}