CVE-2014-3759
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0040 (0.4%)
Percentile: 60.5%
EPSS: 2026-05-06
Affects
karlen_walter:si_bibtexTechnical description
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality.
Published: 5/16/2014, 2:55:05 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://seclists.org/fulldisclosure/2014/Apr/314
- http://www.securityfocus.com/archive/1/531980/100/0/threaded
- http://www.securityfocus.com/bid/67145
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140430-0_Typo3_si_bibtex_extension_SQL_injection_and_XSS_vulnerabilities_v10.txt
- http://seclists.org/fulldisclosure/2014/Apr/314
- http://www.securityfocus.com/archive/1/531980/100/0/threaded
- http://www.securityfocus.com/bid/67145
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140430-0_Typo3_si_bibtex_extension_SQL_injection_and_XSS_vulnerabilities_v10.txt