SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
news system project news system |