Description
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ultimate Appointment Booking & Scheduling Cross-Site Scripting (1.1.9)
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-42040)
WordPress Plugin Smart Flv 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities (1.0)
WordPress Plugin PictPress 'resize.php' Multiple Local File Include Vulnerabilities (1.0)
WordPress Plugin CM Table Of Contents Cross-Site Scripting (1.0.7)