Unrated severityNVD Advisory· Published Jul 22, 2010· Updated Jun 16, 2026
CVE-2009-4954
CVE-2009-4954
Description
SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:websedit:sk_calendar:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:websedit:sk_calendar:*:*:*:*:*:*:*:*range: <=0.3.3
- cpe:2.3:a:websedit:sk_calendar:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:websedit:sk_calendar:0.3.2:*:*:*:*:*:*:*
- Range: <0.3.4
Patches
Vulnerability mechanics
References
2- typo3.org/extensions/repository/view/sk_calendar/0.3.4/nvdPatch
- typo3.org/teams/security/security-bulletins/typo3-sa-2009-005/nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.