Description

SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2012-6144

Related Vulnerabilities

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-16650)

MySQL Resource Management Errors Vulnerability (CVE-2010-3679)

WordPress Plugin Teamleader CRM Forms Cross-Site Scripting (2.0.0)

Plone CMS Other Vulnerability (CVE-2006-4247)

Oracle Database Server CVE-2023-22096 Vulnerability (CVE-2023-22096)

Severity

Medium

Classification

CVE-2012-6144 CWE-138

Tags

Missing Update Known Vulnerabilities