Description
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.
Remediation
References
Related Vulnerabilities
WordPress Plugin MailChimp for WooCommerce Local File Inclusion (2.1.1)
WordPress Plugin ClickBank Affiliate Ads Multiple Vulnerabilities (1.7)
Joomla CVE-2006-4469 Vulnerability (CVE-2006-4469)
MySQL CVE-2021-35608 Vulnerability (CVE-2021-35608)
WordPress Plugin WP Easy Gallery 'add-gallery.php' Arbitrary File Upload (1.8)