PT-2023-10285 · Typo3+1 · Typo3+1
Mback2K
·
Published
2023-05-28
·
Updated
2024-08-06
·
CVE-2015-10106
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
mback2k mh httpbl Extension versions 1.1.7 and earlier
Description
A critical vulnerability was found in the mback2k mh httpbl Extension on TYPO3, affecting the function
moduleContent of the file mod1/index.php. This issue leads to SQL injection and can be initiated remotely.Recommendations
For versions 1.1.7 and earlier, upgrade to version 1.1.8 to address this issue. As a temporary workaround, consider restricting access to the
moduleContent function in the mod1/index.php file until the upgrade is applied.Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Typo3
Mback2K Mh Httpbl Extension