{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T19:52:03.508","vulnerabilities":[{"cve":{"id":"CVE-2011-3583","sourceIdentifier":"secalert@redhat.com","published":"2019-11-26T00:15:11.093","lastModified":"2024-11-21T01:30:47.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input."},{"lang":"es","value":"Se detectó que Typo3 Core versiones 4.5.0 hasta 4.5.5 utiliza sentencias preparadas que, si los valores de los parámetros no se reemplazan apropiadamente, podrían generar una vulnerabilidad de Inyección SQL. Este problema solo puede ser explotado si dos o más parámetros están vinculados a la consulta y al menos dos provienen desde la entrada del usuario."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:N\/C:P\/I:P\/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndIncluding":"4.5.5","matchCriteriaId":"10811F0A-7CE1-4190-81C6-4AE3CF9797E6"}]}]}],"references":[{"url":"https:\/\/access.redhat.com\/security\/cve\/cve-2011-3583","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=641682","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https:\/\/security-tracker.debian.org\/tracker\/CVE-2011-3583","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https:\/\/typo3.org\/security\/advisory\/typo3-core-sa-2011-002\/","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https:\/\/access.redhat.com\/security\/cve\/cve-2011-3583","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https:\/\/bugs.debian.org\/cgi-bin\/bugreport.cgi?bug=641682","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https:\/\/security-tracker.debian.org\/tracker\/CVE-2011-3583","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https:\/\/typo3.org\/security\/advisory\/typo3-core-sa-2011-002\/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}