cpe:/a:andreas_kiefer:ke_yac:1.0.3 cpe:/a:andreas_kiefer:ke_yac:1.0.4 cpe:/a:andreas_kiefer:ke_yac:1.0.5 cpe:/a:andreas_kiefer:ke_yac:1.1.0 cpe:/a:andreas_kiefer:ke_yac:1.1.1 CVE-2010-4891 2011-10-07T06:55:09.817-04:00 2012-05-14T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2011-10-07T11:39:00.000-04:00 BID 42945 CONFIRM http://typo3.org/extensions/repository/view/ke_yac/1.1.2/ CONFIRM http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/ SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.