The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input, leading to MySQL database vulnerability
Reporter | Title | Published | Views | Family All 10 |
---|---|---|---|---|
OSV | TYPO3 Sensitive Information Disclosure via escapeStrForLike method | 17 May 202201:55 | – | osv |
CVE | CVE-2010-5104 | 21 May 201220:55 | – | cve |
CVE | CVE-2012-2349 | 21 May 201219:55 | – | cve |
Prion | Code injection | 21 May 201220:55 | – | prion |
NVD | CVE-2010-5104 | 21 May 201220:55 | – | nvd |
NVD | CVE-2012-2349 | 21 May 201219:55 | – | nvd |
Github Security Blog | TYPO3 Sensitive Information Disclosure via escapeStrForLike method | 17 May 202201:55 | – | github |
UbuntuCve | CVE-2010-5104 | 21 May 201200:00 | – | ubuntucve |
Typo3 | Multiple vulnerabilities in TYPO3 Core | 16 Dec 201000:00 | – | typo3 |
OpenVAS | TYPO3 Multiple Vulnerabilities (Dec 2010) | 9 Jan 201400:00 | – | openvas |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo