Description
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."
Remediation
References
Related Vulnerabilities
WordPress Plugin Xhanch-My Twitter Multiple Cross-Site Request Forgery Vulnerabilities (2.7.7)
WordPress Plugin Simple Ads Manager PHP Object Injection (2.9.8.125)
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.3.47)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9044)