Vigil@nce: TYPO3, vulnerabilities of extensions

January 2010 by Vigil@nce

An attacker can exploit several vulnerabilities in TYPO3 extensions in
order to perform a Cross Site Scripting attack, to inject SQL code, or
to obtain information.

 Severity: 2/4
 Consequences: privileged access/rights, user access/rights
 Provenance: internet client
 Means of attack: no proof of concept, no attack
 Ability of attacker: expert (4/4)
 Confidence: confirmed by the editor (5/5)
 Diffusion of the vulnerable configuration: high (3/3)
 Number of vulnerabilities in this bulletin: 24
 Creation date: 13/01/2010

IMPACTED PRODUCTS

 TYPO3

DESCRIPTION OF THE VULNERABILITY

An attacker can exploit several vulnerabilities in TYPO3 extensions, listed below by extension name and extension key.

An attacker can perform a SQL injection in the MK-AnydropdownMenu
(mk_anydropdownmenu) extension. [grav:2/4; BID-37768]

An attacker can obtain information via the Photo Book
(goof_fotoboek) extension. [grav:2/4; BID-37769]

An attacker can perform a SQL injection in the Customer Reference
List (ref_list) extension. [grav:2/4; BID-37771]

An attacker can obtain information via the SB Folderdownload
(sb_folderdownload) extension. [grav:2/4; BID-37772]

An attacker can trigger a Cross Site Scripting attack in the
Developer log (devlog) extension. [grav:2/4; BID-37786]

An attacker can trigger a Cross Site Scripting attack in the KJ:
Imagelightbox (kj_imagelightbox2) extension. [grav:2/4; BID-37790]

An attacker can trigger a Cross Site Scripting attack in the Unit
Converter (cs2_unitconv) extension. [grav:2/4; BID-37789]

An attacker can perform a SQL injection in the powermail
(powermail) extension. [grav:2/4; BID-37793]

An attacker can perform a SQL injection in the Googlemaps for
tt_news (jf_easymaps) extension. [grav:2/4; BID-37773]

An attacker can trigger a Cross Site Scripting attack and perform a
SQL injection in the TV21 Talkshow (tv21_talkshow) extension.
[grav:2/4; BID-37778]

An attacker can perform a SQL injection in the Helpdesk (mg_help)
extension. [grav:2/4; BID-37779]

An attacker can trigger a Cross Site Scripting attack and perform a
SQL injection in the Vote rank for news (vote_for_tt_news)
extension. [grav:2/4; BID-37791]

An attacker can obtain information via the kiddog_mysqldumper
(kiddog_mysqldumper) extension. [grav:2/4; BID-37770]

An attacker can perform a SQL injection in the tt_news Mail alert
(dl3_tt_news_alerts) extension. [grav:2/4; BID-37774]

An attacker can perform a SQL injection in the TT_Products editor
(ttpedit) extension. [grav:2/4; BID-37775]

An attacker can perform a SQL injection in the User Links
(vm19_userlinks) extension. [grav:2/4; BID-37777]

An attacker can perform a SQL injection in the MJS Event Pro
(mjseventpro) extension. [grav:2/4; BID-37781]

An attacker can perform a SQL injection in the BB Simple Jobs
(bb_simplejobs) extension. [grav:2/4; BID-37783]

An attacker can perform a SQL injection in the Reports for Job
(job_reports) extension. [grav:2/4; BID-37784]

An attacker can perform a SQL injection in the Clan Users List
(pb_clanlist) extension. [grav:2/4; BID-37785]

An attacker can perform a SQL injection in the
zak_store_management (zak_store_management) extension. [grav:2/4;
BID-37792]

An attacker can trigger a Cross Site Scripting attack in the
Majordomo (majordomo) extension. [grav:2/4; BID-37796]

An attacker can trigger a Cross Site Scripting attack in the Tip
many friends (mimi_tipfriends) extension. [grav:2/4; BID-37794]

An attacker can trigger a Cross Site Scripting attack in the VD /
Geomap (vd_geomap) extension. [grav:2/4; BID-37795]
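
The bulletin names the defect classes but not the faulty code, so the following is an added illustration, not code from any of the extensions listed above or from the TYPO3 project: a hypothetical TYPO3 4.x frontend plugin (class tx_example_pi1, table tx_example_items, both invented) that shows the typical SQL injection and Cross Site Scripting pattern of that era, each beside its corrected form. It assumes the TYPO3 4.x plugin base class tslib_pibase and the database wrapper $GLOBALS['TYPO3_DB'] (exec_SELECTquery, fullQuoteStr, escapeStrForLike, sql_fetch_assoc).

```php
<?php
// Added example, not from the bulletin or from any named extension.
// Hypothetical plugin and table names; TYPO3 4.x API assumed.

class tx_example_pi1 extends tslib_pibase {
    public $prefixId = 'tx_example_pi1';
    public $extKey   = 'example';

    // VULNERABLE: the request parameter piVars[uid] is concatenated into the
    // WHERE clause unchanged, so a value such as "1 OR 1=1" or
    // "1 UNION SELECT username,password FROM be_users" reaches MySQL as SQL.
    public function listVulnerable($content, $conf) {
        $this->pi_setPiVarDefaults();
        $uid = $this->piVars['uid'];
        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
            'title, description',
            'tx_example_items',
            'uid = ' . $uid . $this->cObj->enableFields('tx_example_items')
        );
        $out = '';
        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
            // VULNERABLE: stored content and the echoed parameter are emitted
            // without escaping, so a "<script>" payload in either is rendered.
            $out .= '<h3>' . $row['title'] . '</h3>';
            $out .= '<p>Showing item ' . $this->piVars['uid'] . '</p>';
        }
        return $this->pi_wrapInBaseClass($out);
    }

    // FIXED: cast integer parameters, quote string parameters through the
    // TYPO3 DB API, and HTML-escape every value on output.
    public function listFixed($content, $conf) {
        $this->pi_setPiVarDefaults();
        $uid    = intval($this->piVars['uid']);   // integer: cast, never quoted text
        $search = isset($this->piVars['q']) ? (string)$this->piVars['q'] : '';

        $where = 'uid = ' . $uid;
        if ($search !== '') {
            // String parameter: LIKE wildcards are escaped first, then the whole
            // value is quoted with fullQuoteStr() so quotes cannot close the literal.
            $like = '%' . $GLOBALS['TYPO3_DB']->escapeStrForLike($search, 'tx_example_items') . '%';
            $where .= ' AND title LIKE ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($like, 'tx_example_items');
        }

        $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
            'title, description',
            'tx_example_items',
            $where . $this->cObj->enableFields('tx_example_items')
        );
        $out = '';
        while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
            // Output encoding: database content is untrusted too (stored XSS).
            $out .= '<h3>' . htmlspecialchars($row['title']) . '</h3>';
            $out .= '<p>' . htmlspecialchars($row['description']) . '</p>';
            // The echoed parameter is now an integer, so it cannot carry markup.
            $out .= '<p>Showing item ' . $uid . '</p>';
        }
        return $this->pi_wrapInBaseClass($out);
    }
}
```

The two fixes are independent: quoting for the database does nothing for the HTML output, and htmlspecialchars() does nothing for the query, which is why a single extension in this bulletin can carry both a SQL injection and a Cross Site Scripting entry. When auditing an extension, search its pi1 class for piVars, t3lib_div::_GP() and $_GET/$_POST values that reach exec_SELECTquery() or $this->cObj output without passing through intval(), fullQuoteStr() or htmlspecialchars().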

CHARACTERISTICS

 Identifiers: BID-37768, BID-37769, BID-37770, BID-37771,
BID-37772, BID-37773, BID-37774, BID-37775, BID-37777, BID-37778,
BID-37779, BID-37781, BID-37783, BID-37784, BID-37785, BID-37786,
BID-37789, BID-37790, BID-37791, BID-37792, BID-37793, BID-37794,
BID-37795, BID-37796, TYPO3-SA-2009-021, VIGILANCE-VUL-9342
 Url: http://vigilance.fr/vulnerability/TYPO3-vulnerabilities-of-extensions-9342
