CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19850

An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. Because escaping of user-submitted content is mishandled, the class QueryGenerator is vulnerable to SQL injection. Exploitation requires having the system extension ext:lowlevel installed, and a valid backend user who has administrator privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.3%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 6.5

References

Products affected by CVE-2019-19850

Typo3 » Typo3 » Version: 10.0.0

cpe:2.3:a:typo3:typo3:10.0.0
Typo3 » Typo3 » Version: 10.0.10

cpe:2.3:a:typo3:typo3:10.0.10
Typo3 » Typo3 » Version: 10.0.9

cpe:2.3:a:typo3:typo3:10.0.9
Typo3 » Typo3 » Version: 10.1.0

cpe:2.3:a:typo3:typo3:10.1.0
Typo3 » Typo3 » Version: 10.2.0

cpe:2.3:a:typo3:typo3:10.2.0
Typo3 » Typo3 » Version: 10.2.1

cpe:2.3:a:typo3:typo3:10.2.1
Typo3 » Typo3 » Version: 8.0.0

cpe:2.3:a:typo3:typo3:8.0.0
Typo3 » Typo3 » Version: 8.0.1

cpe:2.3:a:typo3:typo3:8.0.1
Typo3 » Typo3 » Version: 8.0.7

cpe:2.3:a:typo3:typo3:8.0.7
Typo3 » Typo3 » Version: 8.0.8

cpe:2.3:a:typo3:typo3:8.0.8
Typo3 » Typo3 » Version: 8.1.0

cpe:2.3:a:typo3:typo3:8.1.0
Typo3 » Typo3 » Version: 8.1.1

cpe:2.3:a:typo3:typo3:8.1.1
Typo3 » Typo3 » Version: 8.1.2

cpe:2.3:a:typo3:typo3:8.1.2
Typo3 » Typo3 » Version: 8.2.0

cpe:2.3:a:typo3:typo3:8.2.0
Typo3 » Typo3 » Version: 8.2.1

cpe:2.3:a:typo3:typo3:8.2.1
Typo3 » Typo3 » Version: 8.3.0

cpe:2.3:a:typo3:typo3:8.3.0
Typo3 » Typo3 » Version: 8.3.1

cpe:2.3:a:typo3:typo3:8.3.1
Typo3 » Typo3 » Version: 8.4.0

cpe:2.3:a:typo3:typo3:8.4.0
Typo3 » Typo3 » Version: 8.4.1

cpe:2.3:a:typo3:typo3:8.4.1
Typo3 » Typo3 » Version: 8.5.0

cpe:2.3:a:typo3:typo3:8.5.0
Typo3 » Typo3 » Version: 8.5.1

cpe:2.3:a:typo3:typo3:8.5.1
Typo3 » Typo3 » Version: 8.6.0

cpe:2.3:a:typo3:typo3:8.6.0
Typo3 » Typo3 » Version: 8.6.1

cpe:2.3:a:typo3:typo3:8.6.1
Typo3 » Typo3 » Version: 8.7.0

cpe:2.3:a:typo3:typo3:8.7.0
Typo3 » Typo3 » Version: 8.7.1

cpe:2.3:a:typo3:typo3:8.7.1
Typo3 » Typo3 » Version: 8.7.10

cpe:2.3:a:typo3:typo3:8.7.10
Typo3 » Typo3 » Version: 8.7.11

cpe:2.3:a:typo3:typo3:8.7.11
Typo3 » Typo3 » Version: 8.7.12

cpe:2.3:a:typo3:typo3:8.7.12
Typo3 » Typo3 » Version: 8.7.13

cpe:2.3:a:typo3:typo3:8.7.13
Typo3 » Typo3 » Version: 8.7.14

cpe:2.3:a:typo3:typo3:8.7.14
Typo3 » Typo3 » Version: 8.7.15

cpe:2.3:a:typo3:typo3:8.7.15
Typo3 » Typo3 » Version: 8.7.16

cpe:2.3:a:typo3:typo3:8.7.16
Typo3 » Typo3 » Version: 8.7.17

cpe:2.3:a:typo3:typo3:8.7.17
Typo3 » Typo3 » Version: 8.7.18

cpe:2.3:a:typo3:typo3:8.7.18
Typo3 » Typo3 » Version: 8.7.19

cpe:2.3:a:typo3:typo3:8.7.19
Typo3 » Typo3 » Version: 8.7.2

cpe:2.3:a:typo3:typo3:8.7.2
Typo3 » Typo3 » Version: 8.7.20

cpe:2.3:a:typo3:typo3:8.7.20
Typo3 » Typo3 » Version: 8.7.21

cpe:2.3:a:typo3:typo3:8.7.21
Typo3 » Typo3 » Version: 8.7.22

cpe:2.3:a:typo3:typo3:8.7.22
Typo3 » Typo3 » Version: 8.7.23

cpe:2.3:a:typo3:typo3:8.7.23
Typo3 » Typo3 » Version: 8.7.24

cpe:2.3:a:typo3:typo3:8.7.24
Typo3 » Typo3 » Version: 8.7.25

cpe:2.3:a:typo3:typo3:8.7.25
Typo3 » Typo3 » Version: 8.7.26

cpe:2.3:a:typo3:typo3:8.7.26
Typo3 » Typo3 » Version: 8.7.27

cpe:2.3:a:typo3:typo3:8.7.27
Typo3 » Typo3 » Version: 8.7.28

cpe:2.3:a:typo3:typo3:8.7.28
Typo3 » Typo3 » Version: 8.7.29

cpe:2.3:a:typo3:typo3:8.7.29
Typo3 » Typo3 » Version: 8.7.3

cpe:2.3:a:typo3:typo3:8.7.3
Typo3 » Typo3 » Version: 8.7.4

cpe:2.3:a:typo3:typo3:8.7.4
Typo3 » Typo3 » Version: 8.7.5

cpe:2.3:a:typo3:typo3:8.7.5
Typo3 » Typo3 » Version: 8.7.6

cpe:2.3:a:typo3:typo3:8.7.6
Typo3 » Typo3 » Version: 8.7.7

cpe:2.3:a:typo3:typo3:8.7.7
Typo3 » Typo3 » Version: 8.7.8

cpe:2.3:a:typo3:typo3:8.7.8
Typo3 » Typo3 » Version: 8.7.9

cpe:2.3:a:typo3:typo3:8.7.9
Typo3 » Typo3 » Version: 9.0.0

cpe:2.3:a:typo3:typo3:9.0.0
Typo3 » Typo3 » Version: 9.0.3

cpe:2.3:a:typo3:typo3:9.0.3
Typo3 » Typo3 » Version: 9.0.4

cpe:2.3:a:typo3:typo3:9.0.4
Typo3 » Typo3 » Version: 9.1.0

cpe:2.3:a:typo3:typo3:9.1.0
Typo3 » Typo3 » Version: 9.1.2

cpe:2.3:a:typo3:typo3:9.1.2
Typo3 » Typo3 » Version: 9.1.3

cpe:2.3:a:typo3:typo3:9.1.3
Typo3 » Typo3 » Version: 9.2.0

cpe:2.3:a:typo3:typo3:9.2.0
Typo3 » Typo3 » Version: 9.2.1

cpe:2.3:a:typo3:typo3:9.2.1
Typo3 » Typo3 » Version: 9.3.0

cpe:2.3:a:typo3:typo3:9.3.0
Typo3 » Typo3 » Version: 9.3.1

cpe:2.3:a:typo3:typo3:9.3.1
Typo3 » Typo3 » Version: 9.3.2

cpe:2.3:a:typo3:typo3:9.3.2
Typo3 » Typo3 » Version: 9.3.3

cpe:2.3:a:typo3:typo3:9.3.3
Typo3 » Typo3 » Version: 9.4.0

cpe:2.3:a:typo3:typo3:9.4.0
Typo3 » Typo3 » Version: 9.5.0

cpe:2.3:a:typo3:typo3:9.5.0
Typo3 » Typo3 » Version: 9.5.1

cpe:2.3:a:typo3:typo3:9.5.1
Typo3 » Typo3 » Version: 9.5.10

cpe:2.3:a:typo3:typo3:9.5.10
Typo3 » Typo3 » Version: 9.5.11

cpe:2.3:a:typo3:typo3:9.5.11
Typo3 » Typo3 » Version: 9.5.2

cpe:2.3:a:typo3:typo3:9.5.2
Typo3 » Typo3 » Version: 9.5.3

cpe:2.3:a:typo3:typo3:9.5.3
Typo3 » Typo3 » Version: 9.5.4

cpe:2.3:a:typo3:typo3:9.5.4
Typo3 » Typo3 » Version: 9.5.5

cpe:2.3:a:typo3:typo3:9.5.5
Typo3 » Typo3 » Version: 9.5.6

cpe:2.3:a:typo3:typo3:9.5.6
Typo3 » Typo3 » Version: 9.5.7

cpe:2.3:a:typo3:typo3:9.5.7
Typo3 » Typo3 » Version: 9.5.8

cpe:2.3:a:typo3:typo3:9.5.8
Typo3 » Typo3 » Version: 9.5.9

cpe:2.3:a:typo3:typo3:9.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19850

Products

Pricing

Contact Us