CVE-2008-2489
SQL injection vulnerability in the Library for Frontend Plugins (aka sg_zfelib) extension 1.1.512 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified "user input."
Date published : 2008-05-28
http://typo3.org/teams/security/security-bulletins/typo3-20080527-2/