CVE-2008-4655 | Severity.io

Description

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Related CPE's

typo3

simplesurvey

References

http://secunia.com/advisories/32369

Vendor Advisory

http://typo3.org/extensions/repository/view/simplesurvey/1.8.1/

Patch

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

Patch

http://www.vupen.com/english/advisories/2008/2870

http://secunia.com/advisories/32369

Vendor Advisory

http://typo3.org/extensions/repository/view/simplesurvey/1.8.1/

Patch

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

Patch

http://www.vupen.com/english/advisories/2008/2870

Weaknesses

[email protected]

Primary

CWE-89

CVSS impact metrics

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 · High

CVSS V3.1
CVSS V3.0
CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Deferred

Published

2008-10-22T00:11:51.163

16 years ago

Last modified

2025-04-09T00:30:58.490

2 months ago