Search for vulnerabilities
| Vulnerability ID | VCID-pf2m-q69d-pqgr |
| Aliases |
CVE-2012-6144
GHSA-947m-vgqc-x6v4 |
| Summary | Typo3 Backend History Module Vulnerable to SQL Injection SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 Due to missing encoding of user input, the history module is susceptible to SQL Injection and Cross-Site Scripting. A valid backend login is required to exploit this vulnerability. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.00303 | https://api.first.org/data/v1/epss?cve=CVE-2012-6144 |
| epss | 0.00595 | https://api.first.org/data/v1/epss?cve=CVE-2012-6144 |
| generic_textual | MODERATE | https://exchange.xforce.ibmcloud.com/vulnerabilities/79964 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-6144 |
| generic_textual | MODERATE | http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-005 |
| generic_textual | MODERATE | http://www.openwall.com/lists/oss-security/2013/06/19/4 |
| Percentile | 0.53151 |
| EPSS Score | 0.00303 |
| Published At | July 4, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:27:42.163642+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-947m-vgqc-x6v4/GHSA-947m-vgqc-x6v4.json | 36.1.3 |