CVE-2010-5103

EPSS 0.65%

TYPO3 SQL Injection vulnerability

發布日:2022/5/17修改日:2025/4/12

描述

SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.

受影響套件(1)

Packagist/typo3/cms>= 4.2.0, < 4.2.16

參考連結(9)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-5103
PATCHhttps://github.com/TYPO3/typo3
WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/64184
WEBhttps://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
WEBhttps://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
WEBhttp://www.openwall.com/lists/oss-security/2011/01/13/2
WEBhttp://www.openwall.com/lists/oss-security/2012/05/10/7
WEBhttp://www.openwall.com/lists/oss-security/2012/05/11/3
WEBhttp://www.openwall.com/lists/oss-security/2012/05/12/5