CVE-2008-6344

TYPO3 TU-Clausthal Staff < 0.3.0 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in the TU-Clausthal Staff (tuc_staff) 0.3.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

http://typo3.org/teams/security/security-bulletins/typo3-20081222-4

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/32981

Scores

EPSS 0.0032

EPSS Percentile 54.9%

Details

CWE

CWE-89

Status published

Products (5)

typo3/tu-clausthal_staff 0.0.1

typo3/tu-clausthal_staff 0.1.0

typo3/tu-clausthal_staff 0.1.1

typo3/tu-clausthal_staff 0.2.0

typo3/tu-clausthal_staff < 0.3.0

Published Feb 27, 2009

Tracked Since Feb 18, 2026