CVE-2010-2131 [High] | SQL Injection in Cal

CVE-2010-2131 is rated Moderate Risk (51.3/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.41%). Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-03-02	0.53%	0.41%	-0.12%
2	2025-03-30	0.55%	0.53%	-0.03%
3	2025-03-29	—	0.55%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-03-02

0.53%

0.41%

-0.12%

2025-03-30

0.55%

0.53%

-0.03%

2025-03-29

—

0.55%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	2.0	HIGH	`AV:N/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	10.0	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.5

2.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

10.0

6.4

[email protected]

Affected software / configurations for CVE-2010-2131

Vendor	Product	Version	Raw CPE
mario_matzulla	cal	<= 1.3.1	cpe:2.3:a:mario_matzulla:cal::::::::
mario_matzulla	cal	0.9.0	cpe:2.3:a:mario_matzulla:cal:0.9.0:::::::*
mario_matzulla	cal	0.10.0	cpe:2.3:a:mario_matzulla:cal:0.10.0:::::::*
mario_matzulla	cal	0.11.0	cpe:2.3:a:mario_matzulla:cal:0.11.0:::::::*
mario_matzulla	cal	0.12.0	cpe:2.3:a:mario_matzulla:cal:0.12.0:::::::*
mario_matzulla	cal	0.12.1	cpe:2.3:a:mario_matzulla:cal:0.12.1:::::::*
mario_matzulla	cal	0.13.0	cpe:2.3:a:mario_matzulla:cal:0.13.0:::::::*
mario_matzulla	cal	0.13.1	cpe:2.3:a:mario_matzulla:cal:0.13.1:::::::*
mario_matzulla	cal	0.14.0	cpe:2.3:a:mario_matzulla:cal:0.14.0:::::::*
mario_matzulla	cal	0.14.1	cpe:2.3:a:mario_matzulla:cal:0.14.1:::::::*
mario_matzulla	cal	0.15.0	cpe:2.3:a:mario_matzulla:cal:0.15.0:::::::*
mario_matzulla	cal	0.15.1	cpe:2.3:a:mario_matzulla:cal:0.15.1:::::::*
mario_matzulla	cal	0.15.2	cpe:2.3:a:mario_matzulla:cal:0.15.2:::::::*
mario_matzulla	cal	0.15.3	cpe:2.3:a:mario_matzulla:cal:0.15.3:::::::*
mario_matzulla	cal	0.15.4	cpe:2.3:a:mario_matzulla:cal:0.15.4:::::::*
mario_matzulla	cal	0.15.5	cpe:2.3:a:mario_matzulla:cal:0.15.5:::::::*
mario_matzulla	cal	0.16.0	cpe:2.3:a:mario_matzulla:cal:0.16.0:::::::*
mario_matzulla	cal	0.16.1	cpe:2.3:a:mario_matzulla:cal:0.16.1:::::::*
mario_matzulla	cal	0.16.2	cpe:2.3:a:mario_matzulla:cal:0.16.2:::::::*
mario_matzulla	cal	0.16.3	cpe:2.3:a:mario_matzulla:cal:0.16.3:::::::*
mario_matzulla	cal	0.16.4	cpe:2.3:a:mario_matzulla:cal:0.16.4:::::::*
mario_matzulla	cal	0.16.5	cpe:2.3:a:mario_matzulla:cal:0.16.5:::::::*
mario_matzulla	cal	0.16.6	cpe:2.3:a:mario_matzulla:cal:0.16.6:::::::*
mario_matzulla	cal	0.17.0	cpe:2.3:a:mario_matzulla:cal:0.17.0:::::::*
mario_matzulla	cal	0.17.1	cpe:2.3:a:mario_matzulla:cal:0.17.1:::::::*
mario_matzulla	cal	0.17.2	cpe:2.3:a:mario_matzulla:cal:0.17.2:::::::*
mario_matzulla	cal	0.17.3	cpe:2.3:a:mario_matzulla:cal:0.17.3:::::::*
mario_matzulla	cal	1.0.0	cpe:2.3:a:mario_matzulla:cal:1.0.0:::::::*
mario_matzulla	cal	1.1.0	cpe:2.3:a:mario_matzulla:cal:1.1.0:::::::*
mario_matzulla	cal	1.2.0	cpe:2.3:a:mario_matzulla:cal:1.2.0:::::::*
mario_matzulla	cal	1.2.1	cpe:2.3:a:mario_matzulla:cal:1.2.1:::::::*
mario_matzulla	cal	1.3.0	cpe:2.3:a:mario_matzulla:cal:1.3.0:::::::*

References for CVE-2010-2131

URL	Tags
http://osvdb.org/62668
http://secunia.com/advisories/38745	Vendor Advisory
http://typo3.org/extensions/repository/view/cal/1.3.2/	Patch
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-005/	Patch Vendor Advisory
http://www.securityfocus.com/bid/38493

URL

CVE-2010-2131

Exploit prediction scoring system (EPSS) score for CVE-2010-2131

Common vulnerability scoring system (CVSS) metrics for CVE-2010-2131

Weakness enumeration for CVE-2010-2131

Affected software / configurations for CVE-2010-2131

References for CVE-2010-2131