MidnightBSD

Advisories for websedit

CVE-2009-4954 HIGH

SQL injection vulnerability in the Versatile Calendar Extension [VCE] (sk_calendar) extension before 0.3.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
websedit sk_calendar 0.2.0
websedit sk_calendar 0.3.0
websedit sk_calendar 0.2.1
websedit sk_calendar 0.1.0
websedit sk_calendar *
websedit sk_calendar 0.3.1
websedit sk_calendar 0.1.1
websedit sk_calendar 0.2.2
websedit sk_calendar 0.3.2