CVE-2008-4655

TYPO3 simplesurvey < 1.7.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in the Simple survey (simplesurvey) 1.7.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References (4)

Core 4

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2870

Patch x_refsource_confirm

http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32369

Patch x_refsource_confirm

http://typo3.org/extensions/repository/view/simplesurvey/1.8.1/

Scores

EPSS 0.0040

EPSS Percentile 60.7%

Details

CWE

CWE-89

Status published

Products (23)

typo3/simplesurvey 1.0.0

typo3/simplesurvey 1.0.1

typo3/simplesurvey 1.0.2

typo3/simplesurvey 1.0.3

typo3/simplesurvey 1.0.4

typo3/simplesurvey 1.0.5

typo3/simplesurvey 1.1.0

typo3/simplesurvey 1.1.1

typo3/simplesurvey 1.2.1

typo3/simplesurvey 1.2.2

... and 13 more

Published Oct 22, 2008

Tracked Since Feb 18, 2026