Unrated severityNVD Advisory· Published Dec 5, 2005· Updated Apr 16, 2026

CVE-2005-4011

Description

SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar (aka PHP Event Calendar) 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

Codewalkers/Ltwcalendar
cpe:2.3:a:codewalkers:ltwcalendar:*:*:*:*:*:*:*:*
Range: <=4.1.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17799nvdVendor Advisory
www.vupen.com/english/advisories/2005/2652nvdVendor Advisory
ltwcalendar.sourceforge.net/changelog.phpnvd
pridels0.blogspot.com/2005/11/codewalkers-ltwcalendar-4x-sql-inj.htmlnvd
securitytracker.com/idnvd
www.silitix.com/calendar-cws.phpnvd
www.attrition.org/pipermail/vim/2006-December/001154.htmlnvd
www.osvdb.org/21195nvd
www.osvdb.org/27539nvd
www.securityfocus.com/archive/1/438232/100/0/threadednvd
www.securityfocus.com/archive/1/438580/100/0/threadednvd
www.securityfocus.com/bid/15636nvd
www.securityfocus.com/bid/18593nvd
exchange.xforce.ibmcloud.com/vulnerabilities/23312nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27362nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000