Lucene search
Veracode Vulnerability DatabaseVERACODE:5444HistoryNov 17, 2017 - 3:48 a.m.
SQL Injection
2017-11-1703:48:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.002 Low
EPSS
Percentile
51.6%
contao/core is vulnerable to SQL Injection attacks. The library does not properly sanitize the search filter in the backend, allowing a malicious user to inject and execute arbitrary SQL commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| contao/core | le | 3.5.30 | |
| contao/contao | le | 4.4.7 |
References
Related
contao
contao
SQL injection in the back end search filter and the listing module
2017-11-15 00:00:00
SQL injection in the file manager
2019-04-30 00:00:00
cvelist
cvelist
CVE-2017-16558
2019-04-25 16:36:49
friendsofphp
friendsofphp
SQL injection vulnerabililty in the back end search filter
2017-11-15 08:51:00
SQL injection vulnerabililty in the back end search filter
2017-11-15 08:51:00
SQL injection vulnerabililty in the front end listing module
2017-11-15 08:53:00
prion
prion
Sql injection
2019-04-25 17:29:00
osv
osv
CVE-2017-16558
2019-04-25 17:29:00
Contao SQL injection in the backend and listing module
2022-05-24 16:44:36
Contao SQL injection in the file manager
2022-05-24 16:49:47
cve
cve
CVE-2017-16558
2019-04-25 17:29:00
nvd
nvd
CVE-2017-16558
2019-04-25 17:29:00
github
github
Contao SQL injection in the backend and listing module
2022-05-24 16:44:36
Contao SQL injection in the file manager
2022-05-24 16:49:47