Arbitrary SQL Command Execution in TYPO3 Questionnaire Extension (ke_questionnaire)

Arbitrary SQL Command Execution in TYPO3 Questionnaire Extension (ke_questionnaire)

CVE-2010-4957 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.