Arbitrary SQL Command Execution in TYPO3 Store Locator Extension

Arbitrary SQL Command Execution in TYPO3 Store Locator Extension

CVE-2015-4610 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Learn more about our User Device Pen Test.