[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager

June 15, 2015 007admin Leave a comment

Posted by RedTeam Pentesting GmbH on Jun 15

Advisory: SQL Injection in TYPO3 Extension Akronymmanager

An SQL injection vulnerability in the TYPO3 extension “Akronymmanager”
allows authenticated attackers to inject SQL statements and thereby read
data from the TYPO3 database.

Details
=======

Product: sb_akronymmanager
Affected Versions: <=0.5.0
Fixed Versions: 7.0.0
Vulnerability Type: SQL Injection
Security Risk: medium
Vendor URL:…

007 Software

[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager

Leave a Reply Cancel reply

Software and Security Information