Description

SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2010-5103

Related Vulnerabilities

WordPress Plugin Widgets for SiteOrigin Security Bypass (1.4.2)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (2.0.14)

PHP Out-of-bounds Read Vulnerability (CVE-2022-31630)

WordPress Plugin Patreon WordPress PHP Object Injection (1.2.1)

Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268)

Severity

Medium

Classification

CVE-2010-5103 CWE-138

Tags

Missing Update Known Vulnerabilities