GHSA-v4fw-fh5c-xvjg
Suggest an improvement- Source
- https://github.com/advisories/GHSA-v4fw-fh5c-xvjg
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-v4fw-fh5c-xvjg/GHSA-v4fw-fh5c-xvjg.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-v4fw-fh5c-xvjg
- Aliases
-
- CVE-2013-4682
- Published
- 2022-05-17T05:00:38Z
- Modified
- 2025-04-12T03:57:07.296896Z
- Summary
- Multishop extension for TYPO3 has SQL Injection vulnerability
- Details
-
SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
- Database specific
{ "nvd_published_at": "2013-06-25T18:55:00Z", "cwe_ids": [ "CWE-89" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-04-12T03:11:21Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2013-4682
- https://github.com/bvbmedia/multishop
- https://web.archive.org/web/20130701223430/http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009-1
- https://web.archive.org/web/20200229092533/http://www.securityfocus.com/bid/60271
- http://typo3.org/extensions/repository/view/multishop
Affected packages
Packagist / bvbmedia/multishop
Package
- Name
- bvbmedia/multishop
- Purl
- pkg:composer/bvbmedia/multishop