1 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

SQL injection vulnerability in the Diocese of Portsmouth Church Search (pd_churchsearch) extension before 0.1.1, and 0.2.10 and earlier 0.2.x versions, an extension for TYPO3, allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección de SQL en la extensión Diocese of Portsmouth Church Search (pd_churchsearch) para TYPO3, en las versiones anteriores a la 0.1.1 y 0.2.X antes de 0.2.10, permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://osvdb.org/48279 http://typo3.org/teams/security/security-bulletins/typo3-20080919-1 http://www.securityfocus.com/bid/31260 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •