Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/05/19 9:24 a.m.13 views

CVE-2026-8827 SQL Injection in extension "Address List" (tt_address)

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 9:24 a.m.59 views

CVE-2026-8827 SQL Injection in extension "Address List" (tt_address)

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 9:24 a.m.26 views

CVE-2026-8827

The CVE concerns TYPO3 extension Address List (tt_address). AddressRepository::getSqlQuery() builds a database query without proper sanitization, enabling SQL injection when untrusted input is used. The issue is not triggered internally by the extension in a default install, but could be exploite...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.7 views

TYPO3 Extension Address List SQL注入漏洞

TYPO3 Extension Address List is an open-source extension for TYPO3, designed for address book and contact management purposes. TYPO3 Extension Address List has a SQL injection vulnerability; this vulnerability stems from the getSqlQuery method not properly cleaning user input, which may lead to S...

8.2CVSS5.8AI score0.00327EPSS
Exploits0References1
Rows per page
Query Builder