Description

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2007-6381

Related Vulnerabilities

Artifactory Improper Authentication Vulnerability (CVE-2023-42662)

MySQL CVE-2020-2893 Vulnerability (CVE-2020-2893)

WordPress Plugin AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5)

WordPress Plugin Video Chat Multiple Cross-Site Scripting Vulnerabilities (1.4.1)

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Multiple Cross-Site Scripting Vulnerabilities (1.1.30)

Severity

Medium

Classification

CVE-2007-6381 CWE-138

Tags

Missing Update Known Vulnerabilities