CVE-2011-3583 (typo3)

It was found that Typo3 Core versions 4.5.0 – 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.

View Full Alert

Related Posts

  • CVE-2011-3583

    It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This…

  • CVE-2011-1933

    SQL injection vulnerability in Jifty::DBI before 0.68. View Full Alert

  • CVE-2011-5328

    The user-access-manager plugin before 1.2 for WordPress has CSRF. View Full Alert