Vulnerabilities > Simon Rundell > PD Calendar Today
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-17 | CVE-2009-4337 | SQL Injection vulnerability in Simon Rundell PD Calendar Today 0.0.3 SQL injection vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors, a different issue than CVE-2008-6691. | 7.5 |
| 2009-12-17 | CVE-2009-4336 | Cross-Site Scripting vulnerability in Simon Rundell PD Calendar Today 0.0.3 Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |