All the vulnerabilites related to typo3 - jobcontrol
Vulnerability from fkie_nvd
Published
2008-10-22 00:11
Modified
2024-11-21 00:52
Severity ?
Summary
SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| typo3 | typo3 | * | |
| typo3 | jobcontrol | * | |
| typo3 | jobcontrol | 0.0.0 | |
| typo3 | jobcontrol | 1.0.0 | |
| typo3 | jobcontrol | 1.0.1 | |
| typo3 | jobcontrol | 1.1 | |
| typo3 | jobcontrol | 1.1.1 | |
| typo3 | jobcontrol | 1.2 | |
| typo3 | jobcontrol | 1.3 | |
| typo3 | jobcontrol | 1.4 | |
| typo3 | jobcontrol | 1.5 | |
| typo3 | jobcontrol | 1.6 | |
| typo3 | jobcontrol | 1.7 | |
| typo3 | jobcontrol | 1.8 | |
| typo3 | jobcontrol | 1.8.1 | |
| typo3 | jobcontrol | 1.8.2 | |
| typo3 | jobcontrol | 1.8.3 | |
| typo3 | jobcontrol | 1.9 | |
| typo3 | jobcontrol | 1.9.1 | |
| typo3 | jobcontrol | 1.9.2 | |
| typo3 | jobcontrol | 1.9.3 | |
| typo3 | jobcontrol | 1.9.4 | |
| typo3 | jobcontrol | 1.9.5 | |
| typo3 | jobcontrol | 1.10.0 | |
| typo3 | jobcontrol | 1.10.1 | |
| typo3 | jobcontrol | 1.10.2 | |
| typo3 | jobcontrol | 1.10.3 | |
| typo3 | jobcontrol | 1.11.0 | |
| typo3 | jobcontrol | 1.11.1 | |
| typo3 | jobcontrol | 1.11.2 | |
| typo3 | jobcontrol | 1.12.0 | |
| typo3 | jobcontrol | 1.13.0 | |
| typo3 | jobcontrol | 1.14.0 | |
| typo3 | jobcontrol | 1.15.0 | |
| typo3 | jobcontrol | 1.15.1 | |
| typo3 | jobcontrol | 1.15.2 | |
| typo3 | jobcontrol | 1.15.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1C59B0-CDF2-4F9A-88C7-61E8F18590DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C03C24A7-8C42-4E9F-AB4E-DF4BED771448",
"versionEndIncluding": "1.15.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DAAC766E-B1CD-46F4-AEFA-1E68768E8819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5846A3C1-5C1C-4DC0-85EE-2FFBA0DFE1DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F70BF5D-CBED-4A26-8200-9EDF8396B383",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3B6D1E-15B4-43FE-A236-E4D02520DC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "800F03FB-E265-476D-A291-B5F53C75A5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E937CC1F-9F88-49A9-AD16-62ADAA8D55FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "819E4145-5FFE-49CA-91FC-75755478D0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA66AF6-0F8F-43F5-B0D5-A534338D4D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E12955-CBEC-4AEF-932F-9FE0D6B1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "72CF2A47-58B3-4628-9FAE-B2CED784562D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CB6E779-77E7-490E-B57E-BD0D5596E54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78ACF2D8-AC99-43A3-8B8E-AC549E7BA815",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDEA5C33-E505-42DB-9B4C-99800907AD04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9B8495-828D-407D-9283-FB0FC7C3D756",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70497A42-264D-4C71-BEC5-613EB7D005CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "93B25DE6-B56A-4F43-95EC-469CF0A21728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C167D767-5105-4342-95A9-4B062DA23198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "006252F1-D4D8-46DB-AEFE-E96EBC17405E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1853DC-24BE-4F0F-9C16-19BFA3CFDB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD87AA7-1F71-433C-9D48-A4DF4B39C9A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B040E669-4DF9-4949-9699-8BA5650BEAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61D6DC9A-FA53-43CF-B755-64F515BD3711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8372FE47-D502-4BAF-A703-F2B9D3C8B32E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7B3F2A-4B80-4FA6-BA52-01675BCA00A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "875F2374-088E-411F-BFD4-6CC43F23DA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05336E07-D5DF-44BC-8B67-C7E802A0A27B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3A97D89-C7B0-425C-90A9-00E59249ABE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED59D6-AE2A-494C-B98D-7D132FABB946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46ABBEC8-C2DD-44BA-BB59-FC80A0C89433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237DE41B-CFB1-425F-93F2-513153DC001D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD5BA8EE-A221-46E7-A23A-64198F367349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4656CCF-9C97-4DE0-9E4E-2069FA8867E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69CE8E4B-656A-4757-B631-A7B6B4BF56EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFD7E36-EAE8-4937-B89F-A55C6387F743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:typo3:jobcontrol:1.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF276B5D-D830-43C3-B4C9-DD4147032861",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la extensi\u00f3n JobControl (dmmjobcontrol) v1.15.4 y anteriores para TYPO3, permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-4658",
"lastModified": "2024-11-21T00:52:12.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-22T00:11:51.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32342"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31840"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/31840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2870"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2008-4658
Vulnerability from cvelistv5
Published
2008-10-21 22:00
Modified
2024-08-07 10:24
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31840 | vdb-entry, x_refsource_BID | |
| http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/ | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2008/2870 | vdb-entry, x_refsource_VUPEN | |
| http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32342 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:24:20.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31840"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/"
},
{
"name": "ADV-2008-2870",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2870"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
},
{
"name": "32342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32342"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31840"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/"
},
{
"name": "ADV-2008-2870",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2870"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
},
{
"name": "32342",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32342"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the JobControl (dmmjobcontrol) 1.15.4 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31840"
},
{
"name": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/",
"refsource": "MISC",
"url": "http://typo3.org/extensions/repository/view/dmmjobcontrol/1.15.5/"
},
{
"name": "ADV-2008-2870",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2870"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-20081020-1/"
},
{
"name": "32342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32342"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4658",
"datePublished": "2008-10-21T22:00:00",
"dateReserved": "2008-10-21T00:00:00",
"dateUpdated": "2024-08-07T10:24:20.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}