cpe:/a:typosphere:typo:1.6 cpe:/a:typosphere:typo:1.6.8 cpe:/a:typosphere:typo:2.0.0 cpe:/a:typosphere:typo:2.0.1 cpe:/a:typosphere:typo:2.0.5 cpe:/a:typosphere:typo:2.0.6 cpe:/a:typosphere:typo:2.5.0 cpe:/a:typosphere:typo:2.5.1 cpe:/a:typosphere:typo:2.5.2 cpe:/a:typosphere:typo:2.5.3 cpe:/a:typosphere:typo:2.5.4 cpe:/a:typosphere:typo:2.5.5 cpe:/a:typosphere:typo:2.5.6 cpe:/a:typosphere:typo:2.5.7 cpe:/a:typosphere:typo:2.5.8 cpe:/a:typosphere:typo:2.6.0 cpe:/a:typosphere:typo:3.99.0 cpe:/a:typosphere:typo:3.99.1 cpe:/a:typosphere:typo:3.99.2 cpe:/a:typosphere:typo:3.99.3 cpe:/a:typosphere:typo:3.99.4 cpe:/a:typosphere:typo:4.0.0 cpe:/a:typosphere:typo:4.1.1 cpe:/a:typosphere:typo:5.0.2 cpe:/a:typosphere:typo:5.0.3 cpe:/a:typosphere:typo:5.0.3.98 cpe:/a:typosphere:typo:5.0.3.98.1 cpe:/a:typosphere:typo:5.1 cpe:/a:typosphere:typo:5.1.1 cpe:/a:typosphere:typo:5.1.2 cpe:/a:typosphere:typo:5.1.3 CVE-2008-4904 2008-11-03T19:58:40.213-05:00 2017-08-07T21:32:59.267-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-11-04T13:19:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20081031 Typo <= 5.1.3 Multiple Vulnerabilities BID 31993 SECUNIA 32272 SREASON 4550 XF typo-searchpublishedat-sql-injection(46205) SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the search[published_at] parameter.