2 matches found
CVE-2008-4904
SQL injection vulnerability in the "Manage pages" feature admin/pages in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the searchpublishedat parameter...
CVE-2008-4904
CVE-2008-4904 is a SQL injection vulnerability in Typo CMS (Manage pages: admin/pages) affecting Typo 5.1.3 and earlier. The flaw allows remote authenticated users with the “blog publisher” role to inject arbitrary SQL through the search[published_at] parameter. Documented impact is partial confi...