RSS   Vulnerabilities for 'Si bibtex'   RSS

2014-05-16
 
CVE-2014-3759

CWE-89
 

 
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality.

 
 
CVE-2014-3758

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality.

 


Copyright 2024, cxsecurity.com

 

Back to Top