Freely subscribe to our NEWSLETTER

Severity: 2/4

Consequences: user access/rights, client access/rights, data
reading

Provenance: internet client

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Number of vulnerabilities in this bulletin: 10

Creation date: 30/07/2009

IMPACTED PRODUCTS

– TYPO3

DESCRIPTION OF THE VULNERABILITY

An attacker can use several vulnerabilities of TYPO3 extensions.

An attacker can inject SQL code in the CoolURI (cooluri)
extension. [grav:2/4; BID-35872]

An attacker can inject SQL code in the Reset backend password
(cwt_resetbepassword) extension. [grav:2/4; BID-35876]

An attacker can inject SQL code in the datamints Newsticker
(datamints_newsticker) extension. [grav:2/4; BID-35879]

An attacker can inject SQL code, and generate a Cross Site
Scripting, in the Front End News Submitter (gb_fenewssubmit)
extension. [grav:2/4; BID-35875]

An attacker can generate a Cross Site Scripting in the Mailform
(mailform) extension. [grav:2/4; BID-35873]

An attacker can inject SQL code in the Myth download
(myth_download) extension. [grav:2/4; BID-35881]

An attacker can inject SQL code in the Tour Extension (pm_tour)
extension. [grav:2/4; BID-35880]

An attacker can generate a Cross Site Scripting in the Twitter
Search (twittersearch) extension. [grav:2/4; BID-35874]

An attacker can obtain information via the Webesse E-Card
(ws_ecard) extension. [grav:2/4; BID-35877]

An attacker can inject SQL code in the Webesse Image Gallery
(ws_gallery) extension. [grav:2/4; BID-35878]

CHARACTERISTICS

Identifiers: BID-35872, BID-35873, BID-35874, BID-35875,
BID-35876, BID-35877, BID-35878, BID-35879, BID-35880, BID-35881,
TYPO3-SA-2009-010, VIGILANCE-VUL-8902

http://vigilance.fr/vulnerability/TYPO3-vulnerabilities-of-extensions-8902