Description

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2007-6381

Related Vulnerabilities

PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10210)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.11)

MySQL CVE-2022-39410 Vulnerability (CVE-2022-39410)

WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.22)

WordPress Plugin Walk Score Multiple Cross-Site Scripting Vulnerabilities (0.5.5)

Severity

Medium

Classification

CVE-2007-6381 CWE-138

Tags

Missing Update Known Vulnerabilities