Lucene search

[email protected]CVE-2008-4656

HistoryOct 22, 2008 - 12:11 a.m.

CVE-2008-4656

2008-10-2200:11:51

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

4656

sql injection

typo3

extension

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON

SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

typo3frontend_users_viewRange≤0.1.6

typo3frontend_users_viewMatch0.1.2

typo3frontend_users_viewMatch0.1.3

AND

typo3typo3

CPENameOperatorVersion
typo3:frontend_users_viewtypo3 frontend users viewle0.1.6
typo3:frontend_users_viewtypo3 frontend users vieweq0.1.2
typo3:frontend_users_viewtypo3 frontend users vieweq0.1.3

CPE	Name	Operator	Version
typo3:frontend_users_view	typo3 frontend users view	le	0.1.6
typo3:frontend_users_view	typo3 frontend users view	eq	0.1.2
typo3:frontend_users_view	typo3 frontend users view	eq	0.1.3

References

typo3.org/teams/security/security-bulletins/typo3-20081020-1/

www.securityfocus.com/bid/31843

www.vupen.com/english/advisories/2008/2870

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for CVE-2008-4656

prion1 nvd1 cvelist1