CVE-2014-7201

Multiple SQL injection vulnerabilities in the search function in pi1/class.txdmmjobcontrolpi1.php in the JobControl dmmjobcontrol extension 2.14.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via the 1 education, 2 region, or 3 sector fields, as demonstrated by t...