CVE-2012-6577
CVE-2012-6577 concerns the TYPO3 Formhandler extension prior to 1.4.1. The authenticated Formhandler user with certain permissions can trigger a SQL injection via unspecified vectors, allowing execution of arbitrary SQL commands on the backend. The impact is limited to the database layer of the a...