SQL Injection Vulnerability in T3BLOG Extension for TYPO3
CVE-2010-0798

Currently unrated

Key Information:

Vendor: Snowflake
Status: T3blog
Vendor: CVE Published:; 2 March 2010

What is CVE-2010-0798?

The T3BLOG extension for TYPO3 up to version 0.6.2 is vulnerable to SQL injection, allowing remote attackers to execute arbitrary SQL commands through unspecified vectors. This critical flaw can potentially compromise the integrity and confidentiality of the database, leading to unauthorized data access and manipulation. Website owners using this version of T3BLOG are strongly urged to update to a secure version and review their security configurations.

References

http://www.securityfocus.com/bid/38030

vdb-entryx_refsource_BID

http://secunia.com/advisories/38388

third-party-advisoryx_refsource_SECUNIA

http://typo3.org/teams/security/security-bulletins/typo3-...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 2, 2010

CVE-2010-0798 Data

JSON

Snowflake

What is CVE-2010-0798?

References

Timeline