Vigil@nce: TYPO3, vulnerabilities of extensions
February 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can exploit several vulnerabilities in TYPO3 extensions in order to perform Cross-Site Scripting or to inject SQL code.
Severity: 2/4
Consequences: user access/rights, client access/rights, data reading
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 7
Creation date: 01/02/2010
IMPACTED PRODUCTS
– TYPO3
DESCRIPTION OF THE VULNERABILITY
An attacker can exploit several vulnerabilities in TYPO3 extensions.
An attacker can perform SQL injection and Cross-Site Scripting in the T3BLOG (t3blog) extension. [grav:2/4; BID-38030, TYPO3-SA-2010-002]
An attacker can perform SQL injection in the Event Manager (eventmanagement) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can perform SQL injection in the Game Article DB (game_articledb) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can perform SQL injection and Cross-Site Scripting in the Simple career (ml_career) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can perform SQL injection in the Surprise Calendar (ml_surprisecalendar) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can perform Cross-Site Scripting in the Search Api Ajax Google (searchajaxgoogle) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can obtain information via the Download Manager (spr_downloadmanager) extension. [grav:1/4; TYPO3-SA-2010-003]
CHARACTERISTICS
Identifiers: BID-38030, TYPO3-SA-2010-002, TYPO3-SA-2010-003, VIGILANCE-VUL-9394
http://vigilance.fr/vulnerability/TYPO3-vulnerabilities-of-extensions-9394