CVE-2010-5103
published 2012-05-21CVE-2010-5103: SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with…
PriorityP335medium6CVSS 2.0
AVNACMAuSCPIPAP
EPSS
1.32%
67.3th percentile
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 4.2.0 < 4.2.16 | 4.2.16 |
| typo3 | cms | >= 4.3.0 < 4.3.9 | 4.3.9 |
| typo3 | cms | >= 4.4.0 < 4.4.5 | 4.4.5 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
TYPO3 SQL Injection vulnerability
osv·2022-05-17
CVE-2010-5103 [MEDIUM] TYPO3 SQL Injection vulnerability
TYPO3 SQL Injection vulnerability
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
GHSA
TYPO3 SQL Injection vulnerability
ghsa·2022-05-17
CVE-2010-5103 [MEDIUM] CWE-89 TYPO3 SQL Injection vulnerability
TYPO3 SQL Injection vulnerability
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/35770http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/http://www.openwall.com/lists/oss-security/2011/01/13/2http://www.openwall.com/lists/oss-security/2012/05/10/7http://www.openwall.com/lists/oss-security/2012/05/11/3http://www.openwall.com/lists/oss-security/2012/05/12/5http://www.osvdb.org/70117http://www.securityfocus.com/bid/45470https://exchange.xforce.ibmcloud.com/vulnerabilities/64184http://secunia.com/advisories/35770http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/http://www.openwall.com/lists/oss-security/2011/01/13/2http://www.openwall.com/lists/oss-security/2012/05/10/7http://www.openwall.com/lists/oss-security/2012/05/11/3http://www.openwall.com/lists/oss-security/2012/05/12/5http://www.osvdb.org/70117http://www.securityfocus.com/bid/45470https://exchange.xforce.ibmcloud.com/vulnerabilities/64184
2012-05-21
Published