Sql injection

2015-06-1616:59:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.9%

JSON

SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
developer_logle2.11.3

CPE	Name	Operator	Version
	developer_log	le	2.11.3

References

typo3.org/extensions/repository/view/devlog

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/

www.securityfocus.com/bid/75257