Lucene search
GoogleOSV:GHSA-W38G-HJ45-MJJPHistoryMay 24, 2022 - 4:44 p.m.
Contao SQL injection in the backend and listing module
2022-05-2416:44:36
Google
osv.dev
8
contao
sql injection
backend
listing module
software
Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the backend as well as in the listing module.
References
contao.org/de/changelog/versions/4.4.html
contao.org/en/news/contao-4_4_8.html
github.com/contao/contao/blob/4.4.57/CHANGELOG.md#448-2017-11-15
github.com/contao/contao/commit/501cb3cd34d61089b94e7ed78da53977bc71fc3e
github.com/contao/contao/commit/6b4a2711edf166c85cfd7a53fed6aea56d4f0544
github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2017-16558.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2017-16558.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/contao/listing-bundle/CVE-2017-16558.yaml
nvd.nist.gov/vuln/detail/CVE-2017-16558
Related
prion
prion
Sql injection
2019-04-25 17:29:00
friendsofphp
friendsofphp
SQL injection vulnerabililty in the back end search filter
2017-11-15 08:51:00
SQL injection vulnerabililty in the back end search filter
2017-11-15 08:51:00
SQL injection vulnerabililty in the front end listing module
2017-11-15 08:53:00
cvelist
cvelist
CVE-2017-16558
2019-04-25 16:36:49
veracode
veracode
SQL Injection
2017-11-17 03:48:54
contao
contao
SQL injection in the back end search filter and the listing module
2017-11-15 00:00:00
SQL injection in the file manager
2019-04-30 00:00:00
osv
osv
CVE-2017-16558
2019-04-25 17:29:00
Contao SQL injection in the file manager
2022-05-24 16:49:47
github
github
Contao SQL injection in the backend and listing module
2022-05-24 16:44:36
Contao SQL injection in the file manager
2022-05-24 16:49:47
cve
cve
CVE-2017-16558
2019-04-25 17:29:00
nvd
nvd
CVE-2017-16558
2019-04-25 17:29:00