cpe:/a:dirk_maiwert:datamints_newsticker:0.1.0 cpe:/a:dirk_maiwert:datamints_newsticker:0.4.0 cpe:/a:dirk_maiwert:datamints_newsticker:0.5.0 cpe:/a:dirk_maiwert:datamints_newsticker:0.6.0 cpe:/a:dirk_maiwert:datamints_newsticker:0.6.1 cpe:/a:dirk_maiwert:datamints_newsticker:0.6.2 cpe:/a:dirk_maiwert:datamints_newsticker:0.6.3 cpe:/a:dirk_maiwert:datamints_newsticker:0.7.0 cpe:/a:dirk_maiwert:datamints_newsticker:0.7.1 CVE-2009-4709 2010-03-15T17:30:00.980-04:00 2010-03-16T11:03:36.477-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-03-16T10:57:00.000-04:00 BID 35879 CONFIRM http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-010/ SQL injection vulnerability in the datamints Newsticker (datamints_newsticker) extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.