ID de Prueba:	1.3.6.1.4.1.25623.1.0.803984
Categoría:	Web application abuses
Título:	TYPO3 indexed_search SQL Injection Vulnerability
Resumen:	TYPO3 is prone to an SQL injection (SQLi) vulnerability.
Descripción:	Summary: TYPO3 is prone to an SQL injection (SQLi) vulnerability. Vulnerability Insight: An error exists in indexed_search system extension which fails to sufficiently sanitize user-supplied data before using it in an SQL query. Vulnerability Impact: Successful exploitation will allow remote authenticated attackers to view, add, modify or delete information in the back-end database. Affected Software/OS: TYPO3 version before 4.0.8 and 4.1.0 to 4.1.3 Solution: Upgrade to TYPO3 version 4.0.8 or 4.1.4 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6381 BugTraq ID: 26871 http://www.securityfocus.com/bid/26871 Debian Security Information: DSA-1439 (Google Search) http://www.debian.org/security/2007/dsa-1439 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457446 http://osvdb.org/39506 http://securitytracker.com/id?1019146 http://secunia.com/advisories/27969 http://secunia.com/advisories/28243 http://www.vupen.com/english/advisories/2007/4205 XForce ISS Database: typo3-indexedsearch-sql-injection(39017) https://exchange.xforce.ibmcloud.com/vulnerabilities/39017
Copyright	Copyright (C) 2013 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.