2 matches found
CVE-2014-6241
The CVE-2014-6241 entry concerns the TYPO3 wt_directory extension. Affected version: wt_directory before 1.4.1. Issue: SQL injection allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. Impact as stated is arbitrary SQL execution. Remediation: update to wt_director...
CVE-2015-4609
CVE-2015-4609 concerns a SQL injection in the TYPO3 wt_directory extension prior to 1.4.2. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Affected component: TYPO3 wt_directory (extension). Root cause: unsafe handling of SQL queries ...