WEB APPLICATION VULNERABILITIES Standard & Premium

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4383)

Description

contao prior to 2.11.4 has a sql injection vulnerability

Remediation

References

Related Vulnerabilities

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.10)

WordPress Plugin Zotpress 'zotpress.rss.php' SQL Injection (4.4)

SharePoint CVE-2021-40483 Vulnerability (CVE-2021-40483)

WordPress Plugin Pagination by BestWebSoft Cross-Site Scripting (1.0.6)

Drupal Core 9.0.x Directory Traversal (9.0.0 - 9.0.14)

Severity

High

Classification

CVE-2012-4383 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities