1 results (0.003 seconds)
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0
CVE-2013-4748
https://notcve.org/view.php?id=CVE-2013-4748
SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la extensión News system (news) antes de 1.3.3 para TYPO3, permite a atacantes remotos ejecutar comandos SQL arbitrarios a través de vectores no especificados. • http://osvdb.org/89134 http://typo3.org/extensions/repository/view/news http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-001 https://exchange.xforce.ibmcloud.com/vulnerabilities/81192 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •