Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/05/19 9:24 a.m.60 views

CVE-2026-8827 SQL Injection in extension "Address List" (tt_address)

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS0.00327EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 9:24 a.m.13 views

CVE-2026-8827 SQL Injection in extension "Address List" (tt_address)

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 9:24 a.m.27 views

CVE-2026-8827

The CVE concerns TYPO3 extension Address List (tt_address). AddressRepository::getSqlQuery() builds a database query without proper sanitization, enabling SQL injection when untrusted input is used. The issue is not triggered internally by the extension in a default install, but could be exploite...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
OSV
OSV
added 2026/05/19 9:24 a.m.4 views

CVE-2026-8827 SQL Injection in extension "Address List" (tt_address)

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS5.9AI score0.00327EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.8 views

TYPO3 Extension Address List SQL注入漏洞

TYPO3 Extension Address List is an open-source extension for TYPO3, designed for address book and contact management purposes. TYPO3 Extension Address List has a SQL injection vulnerability; this vulnerability stems from the getSqlQuery method not properly cleaning user input, which may lead to S...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
Rows per page
Query Builder