Vulnerability Detail
Enriched intelligence for a single CVE
High
CVE-2012-1071
PUBLISHEDSQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL...
Not yet in CISA KEV
- Vendor
- TYPO3
- Product
- mv_cooking extension
- Published
- Feb 14, 2012
- EPSS
- —
Automate This Intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012.
CVSS Scores
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitation Status
Exploited in the wild
Recorded 2012-02-14 17:00:00 UTC · CVE
References
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72934
- http://typo3.org/extensions/repository/view/mv_cooking/0.4.1/
- http://www.securityfocus.com/bid/51825
- http://secunia.com/advisories/47437
- http://osvdb.org/78748
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CVE First | 2012-02-14 17:00 UTC |
Timeline
-
Added to KEVIntel
-
CVE Published to Public
-
CVE ID Reserved