Skip to main content

News System

1 CVEs product

Monthly

CVE-2017-7581 CRITICAL POC THREAT Emergency

SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 64.5%.

SQLi PHP News System
NVD
CVSS 3.0
9.8
EPSS
64.5%
Threat
5.4
EPSS 65% 5.4 CVSS 9.8
CRITICAL POC THREAT Emergency

SQL injection vulnerability in NewsController.php in the News module 5.3.2 and earlier for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 64.5%.

SQLi PHP News System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy