It has been discovered that the extensions pmk_rssnewsexport and cm_rdfexport are vulnerable to SQL Injection attacks.

More... (http://news.typo3.org/news/article/security-bulletin-typo3-20080416-2-sql-injections-in-extensions-pmk-rssnewsexport-and-cm-rdfexport/)