logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2010-4961 dmk/webkitpdf

Package

Manager: composer
Name: dmk/webkitpdf
Vulnerable Version: >=0 <1.1.4

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

EPSS: 0.00366 pctl0.57777

Details

Webkit PDFs for TYPO3 has SQL Injection vulnerability SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Metadata

Created: 2022-05-17T01:56:34Z
Modified: 2025-04-12T02:01:45Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-9568-hcj9-rf7v/GHSA-9568-hcj9-rf7v.json
CWE IDs: ["CWE-89"]
Alternative ID: GHSA-9568-hcj9-rf7v
Finding: F297
Auto approve: 1