Description

SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2010-5103

Related Vulnerabilities

Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-3221)

Apache HTTP Server Improper Input Validation Vulnerability (CVE-2012-0021)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-20901)

WordPress Plugin WP Statistics Cross-Site Scripting (12.6.5)

WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Scripting (8.2.6)

Severity

Medium

Classification

CVE-2010-5103 CWE-138

Tags

Missing Update Known Vulnerabilities