cpe:/a:tw_productfinder:tw_productfinder:0.0.2 CVE-2009-4163 2009-12-02T12:30:00.593-05:00 2009-12-07T00:00:00.000-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-03T09:51:00.000-05:00 CONFIRM http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017/ SQL injection vulnerability in the TW Productfinder (tw_productfinder) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.