VYPR
Unrated severityNVD Advisory· Published Jul 22, 2010· Updated Jun 16, 2026

CVE-2009-4954

CVE-2009-4954

Description

SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:a:websedit:sk_calendar:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:websedit:sk_calendar:*:*:*:*:*:*:*:*range: <=0.3.3
    • cpe:2.3:a:websedit:sk_calendar:0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:websedit:sk_calendar:0.3.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.