CVE-2008-4904
04.11.2008, 00:58
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter.
| Vendor | Product | Version |
|---|---|---|
| typosphere | typo | 𝑥 ≤ 5.1.3 |
| typosphere | typo | 1.6 |
| typosphere | typo | 1.6.8 |
| typosphere | typo | 2.0.0 |
| typosphere | typo | 2.0.1 |
| typosphere | typo | 2.0.5 |
| typosphere | typo | 2.0.6 |
| typosphere | typo | 2.5.0 |
| typosphere | typo | 2.5.1 |
| typosphere | typo | 2.5.2 |
| typosphere | typo | 2.5.3 |
| typosphere | typo | 2.5.4 |
| typosphere | typo | 2.5.5 |
| typosphere | typo | 2.5.6 |
| typosphere | typo | 2.5.7 |
| typosphere | typo | 2.5.8 |
| typosphere | typo | 2.6.0 |
| typosphere | typo | 3.99.0 |
| typosphere | typo | 3.99.1 |
| typosphere | typo | 3.99.2 |
| typosphere | typo | 3.99.3 |
| typosphere | typo | 3.99.4 |
| typosphere | typo | 4.0.0 |
| typosphere | typo | 4.1.1 |
| typosphere | typo | 5.0.2 |
| typosphere | typo | 5.0.3 |
| typosphere | typo | 5.0.3.98 |
| typosphere | typo | 5.0.3.98.1 |
| typosphere | typo | 5.1 |
| typosphere | typo | 5.1.1 |
| typosphere | typo | 5.1.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
References