1 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Simple survey (simplesurvey) 1.7.0 y versiones anteriores, extensión para TYPO3, que permite a los atacantes remotos ejecutar arbitrariamente comandos SQL a través de vectores no especificados. • http://secunia.com/advisories/32369 http://typo3.org/extensions/repository/view/simplesurvey/1.8.1 http://typo3.org/teams/security/security-bulletins/typo3-20081020-1 http://www.vupen.com/english/advisories/2008/2870 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •