TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-6144 - Vulnerability Database

TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2012-6144

Medium
Reference: CVE-2012-6144
Title: TYPO3 Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21 4.6.x before 4.6.14 and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.