CVE-2014-6295: WEC Map (wec_map) extension for TYPO3 allows SQL Injection

May 17, 2022 (updated April 14, 2025)

SQL injection vulnerability in the WEC Map (wec_map) extension before 3.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

github.com/advisories/GHSA-f3v6-g4mv-pjhq
nvd.nist.gov/vuln/detail/CVE-2014-6295
typo3.org/security/advisory/typo3-ext-sa-2014-002

Code Behaviors & Features

Detect and mitigate CVE-2014-6295 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →