Published: 17/06/2015 Updated: 09/10/2018

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

VMScore: 605

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension prior to 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
akronymmanager project akronymmanager

Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database Details ======= Product: sb_akronymmanager Affected Versions: <=050 Fixed Versions: 700 Vulnerability Type: ...

TYPO3 Extension Akronymmanager versions 050 and below suffer from a remote SQL injection vulnerability ...

CWE-89 http://seclists.org/fulldisclosure/2015/Jun/43 http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html https://www.redteam-pentesting.de/advisories/rt-sa-2015-002 http://typo3.org/extensions/repository/view/sb_akronymmanager https://www.exploit-db.com/exploits/37301/http://www.securityfocus.com/bid/75191 http://www.securityfocus.com/archive/1/535765/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/37301/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-2803

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect