CVE-2007-6381

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Link	Resource
http://typo3.org/teams/security/security-bulletins/typo3-20071210-1/	Patch
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457446
http://www.debian.org/security/2007/dsa-1439
http://www.securityfocus.com/bid/26871
http://securitytracker.com/id?1019146
http://secunia.com/advisories/27969
http://secunia.com/advisories/28243
http://osvdb.org/39506
http://www.vupen.com/english/advisories/2007/4205
https://exchange.xforce.ibmcloud.com/vulnerabilities/39017

Configuration 1

cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:3.7.1:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:3.8.1:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:3.0:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:3.7.0:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:3.8:*:*:*:*:*:*:* cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*

---

Published : 2007-12-15 02:46

Updated : 2017-08-08 01:29

---

NVD link : CVE-2007-6381

Mitre link : CVE-2007-6381

No products.

CWE-89