CVE-2009-4339
SQL injection vulnerability in the Subscription (mf_subscription) extension 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
Date published : 2009-12-17
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/