Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.
References
| Link | Resource |
|---|---|
| http://osvdb.org/71674 | |
| http://secunia.com/advisories/44055 | Vendor Advisory |
| http://typo3.org/extensions/repository/view/wec_discussion/2.1.1/ | Vendor Advisory |
| http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-003/ | Vendor Advisory |
| http://www.securityfocus.com/bid/47257 | |
| http://www.vupen.com/english/advisories/2011/0896 | Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66619 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-04-19T19:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2011-04-19T00:00:00
Link: CVE-2011-1722
JSON object: View
NVD Information
Status : Modified
Published: 2011-04-19T19:55:01.937
Modified: 2017-08-17T01:34:21.260
Link: CVE-2011-1722
JSON object: View
Redhat Information
No data.
CWE