SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."
Max CVSS
7.5
EPSS Score
0.42%
Published
2013-03-20
Updated
2013-06-05
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.12%
Published
2013-07-01
Updated
2017-08-29
2 vulnerabilities found