Calendarix SQL Injection Vulnerability

The remote host is running Calendarix, a PHP-based calendar system. The remote version of this software is prone to a remote file include vulnerability as well as multiple cross-site scripting, and SQL injection vulnerabilities. Successful exploitation could result in execution of arbitrary PHP code on the remote site, a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
None at this time.