CVE-2009-4954
CVE-2009-4954 describes an SQL injection in the TYPO3 VCE plug-in Versatile Calendar Extension (sk_calendar) before version 0.3.4. Affected software: TYPO3 environment using sk_calendar prior to 0.3.4. Root cause: improper handling of input in the extension, enabling an attacker to inject arbitra...