CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-6458
https://notcve.org/view.php?id=CVE-2008-6458
SQL injection vulnerability in the FE address edit for tt_address & direct mail (dmaddredit) extension 0.4.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección de SQL en la extensión FE address edit para tt_address & direct mail (dmaddredit) para TYPO3 antes de la versión 0.4.0 permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://osvdb.org/48274 http://typo3.org/teams/security/security-bulletins/typo3-20080919-1 http://www.securityfocus.com/bid/31259 https://exchange.xforce.ibmcloud.com/vulnerabilities/45257 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •