Description

SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2012-6144

Related Vulnerabilities

WordPress Plugin Cookie Information-Free GDPR Consent Solution Security Bypass (2.0.22)

Oracle Database Server CVE-2019-2571 Vulnerability (CVE-2019-2571)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20503)

Joomla! Core 1.0 Remote File Inclusion (1.0.0)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2333)

Severity

Medium

Classification

CVE-2012-6144 CWE-138

Tags

Missing Update Known Vulnerabilities