TYPO3 Formhandler extension cross-site scripting vulnerability (CNVD-2018-01373)

TYPO3 is a Swiss TYPO3 Association maintains a free and open source content management system framework CMS/CMF. formhandler is one of the Web development form Form module extension plug-in . A cross-site scripting vulnerability exists in the TYPO3 Formhandler extension. As the program fails to...

CVE-2012-6577

SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors...

Sql injection

SQL injection vulnerability in the Formhandler extension before 1.4.1 for TYPO3 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors...

CVE-2012-6577

CVE-2012-6577 concerns the TYPO3 Formhandler extension prior to 1.4.1. The authenticated Formhandler user with certain permissions can trigger a SQL injection via unspecified vectors, allowing execution of arbitrary SQL commands on the backend. The impact is limited to the database layer of the a...