SQL injection vulnerability in Benders Calendar 1.0 allows remote attackers to execute arbitrary SQL commands via multiple parameters, as demonstrated by the (1) year, (2) month, and (3) day parameters.
CVSS Metrics
