Vulnerability Details CVE-2015-2803
SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.8%
CVSS Severity
CVSS v2 Score 6.0
References
- http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html
- http://seclists.org/fulldisclosure/2015/Jun/43
- http://typo3.org/extensions/repository/view/sb_akronymmanager
- http://www.securityfocus.com/archive/1/535765/100/0/threaded
- http://www.securityfocus.com/bid/75191
- https://www.exploit-db.com/exploits/37301/
- https://www.redteam-pentesting.de/advisories/rt-sa-2015-002
- http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html
- http://seclists.org/fulldisclosure/2015/Jun/43
- http://typo3.org/extensions/repository/view/sb_akronymmanager
- http://www.securityfocus.com/archive/1/535765/100/0/threaded
- http://www.securityfocus.com/bid/75191
- https://www.exploit-db.com/exploits/37301/
- https://www.redteam-pentesting.de/advisories/rt-sa-2015-002
Products affected by CVE-2015-2803
-
cpe:2.3:a:akronymmanager_project:akronymmanager:-
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.1.2
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.2.0
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.2.1
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.2.2
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.3.0
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.0
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.1
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.10
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.2
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.3
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.4
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.5
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.6
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.7
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.8
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.4.9
-
cpe:2.3:a:akronymmanager_project:akronymmanager:0.5.0