Ambionics Security team discovered a pre-authentication SQL Injection in TYPO3 News module. This module is the 20th most used module of TYPO3 with almost 60,000 downloads.

While working on the Drupal module Services, the Ambionics Security team discovered a critical remote code execution vulnerability.