Description

SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Related CPE's

a

typo3

typo3

a

typo3

jobcontrol

36

References

http://secunia.com/advisories/32342

Vendor Advisory

http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/

Patch

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

PatchVendor Advisory

http://www.securityfocus.com/bid/31840

Patch

http://www.vupen.com/english/advisories/2008/2870

http://secunia.com/advisories/32342

Vendor Advisory

http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/

Patch

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

PatchVendor Advisory

http://www.securityfocus.com/bid/31840

Patch

http://www.vupen.com/english/advisories/2008/2870

Weaknesses

[email protected]

Primary
CWE-89

CVSS impact metrics

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Deferred

Published

2008-10-21T22:11:51.243Z

17 years ago

Last modified

2025-04-08T22:30:58.490Z

11 months ago