Synced 18 Jun 2026 05:58 UTC Account
← All products

CVE-2010-4887

HIGH severity · CVSS 7.5 · SQL injection
7.5CVSS HIGH

Summary

SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Impact & exploitability

Attack vectorNetwork
Attack complexityLow
Privileges required
User interaction
Confidentiality impact
Integrity impact
Availability impact
Exploit probability (EPSS)1%

AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected products we track (1)

TYPO3

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information