CVE-2014-6241 – SQL injection vulnerability in the wt_directory extension before 1.4.1 fo

SQL injection vulnerability in the wt_directory extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6241

Reference (s):

• BID:69568
• URL: http://www.securityfocus.com/bid/69568
• http://typo3.org/extensions/repository/view/wt_directory
• http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
• SECUNIA:60867