Unrated severityNVD Advisory· Published Jun 17, 2015· Updated May 6, 2026

CVE-2015-2803

Description

SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter.

Affected products

Akronymmanager Project/Akronymmanager
cpe:2.3:a:akronymmanager_project:akronymmanager:*:*:*:*:*:typo3:*:*
Range: <=0.5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

typo3.org/extensions/repository/view/sb_akronymmanagernvdPatch
packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.htmlnvdExploit
seclists.org/fulldisclosure/2015/Jun/43nvdExploit
www.exploit-db.com/exploits/37301/nvdExploit
www.redteam-pentesting.de/advisories/rt-sa-2015-002nvdExploit
www.securityfocus.com/archive/1/535765/100/0/threadednvd
www.securityfocus.com/bid/75191nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000