Unrated severityNVD Advisory· Published Sep 1, 2004· Updated Jun 16, 2026
CVE-2004-1654
CVE-2004-1654
Description
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:phpwebsite:phpwebsite:0.7.3:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:phpwebsite:phpwebsite:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpwebsite:phpwebsite:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpwebsite:phpwebsite:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpwebsite:phpwebsite:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpwebsite:phpwebsite:0.9.3.4:*:*:*:*:*:*:*
- (no CPE)range: <=0.9.3-4
Patches
Vulnerability mechanics
References
6- secunia.com/advisories/12438nvdPatchVendor Advisory
- www.gulftech.orgnvdPatchVendor Advisory
- www.phpwebsite.appstate.edu/index.phpnvdPatch
- www.securityfocus.com/bid/11088nvdPatchVendor Advisory
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17199nvd
News mentions
0No linked articles in our index yet.