CVE-2010-5103
EPSS 0.65%TYPO3 SQL Injection vulnerability
Published: 5/17/2022Modified: 4/12/2025
Also known as:GHSA-r2w2-2r2x-fpcx
Description
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
Affected packages (1)
- Packagist/typo3/cms>= 4.2.0, < 4.2.16
References (9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-5103
- PATCHhttps://github.com/TYPO3/typo3
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/64184
- WEBhttps://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
- WEBhttps://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
- WEBhttp://www.openwall.com/lists/oss-security/2011/01/13/2
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/10/7
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/11/3
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/12/5