CVE-2012-1071

SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL...

Basic Information

CVE State: PUBLISHED
Reserved Date: February 14, 2012
Published Date: February 14, 2012
Last Updated: August 06, 2024
Vendor: TYPO3
Product: Kitchen recipe (mv_cooking) extension
Description: SQL injection vulnerability in the Kitchen recipe (mv_cooking) extension before 0.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild as of February 2012.

CVSS Scores

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploit Status

Exploited in the Wild: Yes (2012-02-14 17:00:00 UTC) Source

References

http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001/ https://exchange.xforce.ibmcloud.com/vulnerabilities/72934 http://typo3.org/extensions/repository/view/mv_cooking/0.4.1/ http://www.securityfocus.com/bid/51825 http://secunia.com/advisories/47437 http://osvdb.org/78748

Known Exploited Vulnerability Information

Source	Added Date
CVE	2012-02-14 17:00:00 UTC

Timeline

CVE ID Reserved

February 14, 2012
CVE Published to Public

February 14, 2012
Added to KEVIntel

February 14, 2012