MidnightBSD

Advisories for webempoweredchurch

CVE-2011-1722 HIGH

Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in April 2011.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
webempoweredchurch wec_discussion 1.6.1
webempoweredchurch wec_discussion 1.7.0
webempoweredchurch wec_discussion 2.0.1
webempoweredchurch wec_discussion *
webempoweredchurch wec_discussion 1.6.0
webempoweredchurch wec_discussion 1.6.2
webempoweredchurch wec_discussion 1.6.3
webempoweredchurch wec_discussion 2.0.2
webempoweredchurch wec_discussion 2.0.3
webempoweredchurch wec_discussion 2.0.4
CVE-2013-4720 HIGH

SQL injection vulnerability in the WEC Discussion Forum extension before 2.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
webempoweredchurch wec_discussion 1.6.1
webempoweredchurch wec_discussion 1.7.0
webempoweredchurch wec_discussion 2.0.1
webempoweredchurch wec_discussion 2.1.0
webempoweredchurch wec_discussion *
webempoweredchurch wec_discussion 1.6.0
webempoweredchurch wec_discussion 1.6.2
webempoweredchurch wec_discussion 1.6.3
webempoweredchurch wec_discussion 2.0.2
webempoweredchurch wec_discussion 2.0.3
webempoweredchurch wec_discussion 2.0.4