CVE-2005-3911
Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) category parameters.
Date published : 2005-11-30
http://www.securityfocus.com/bid/15632
http://pridels0.blogspot.com/2005/11/bosdates-v40-sql-vuln.html