CVE-2013-4634
https://notcve.org/view.php?id=CVE-2013-4634
SQL injection vulnerability in the jQuery autocomplete for indexed_search (rzautocomplete) extension before 0.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en el autocompletado de jQuery para la extensión indexed_search (rzautocomplete) antes de v0.0.9 de TYPO3 que permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://osvdb.org/93815 http://secunia.com/advisories/53633 http://typo3.org/extensions/repository/view/rzautocomplete http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-007 http://www.securityfocus.com/bid/60276 https://exchange.xforce.ibmcloud.com/vulnerabilities/84659 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •