cpe:/a:stephan_vits:mf_subscription:0.2.2 CVE-2009-4339 2009-12-17T12:30:00.687-05:00 2017-08-16T21:31:32.617-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-18T07:04:00.000-05:00 VUPEN ADV-2009-3550 CONFIRM http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/ XF typo3-subscription-sql-injection(54782) SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.