Description

The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request.

Remediation

References

CVE-2012-1607

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2009-3095)

WordPress Plugin WP Mailster Cross-Site Scripting (1.5.4.0)

Squid NULL Pointer Dereference Vulnerability (CVE-2023-46728)

LimeSurvey CVE-2008-2570 Vulnerability (CVE-2008-2570)

Opencart Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-28838)

Severity

Medium

Classification

CVE-2012-1607 CWE-200

Tags

Missing Update Known Vulnerabilities