SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected