Lucene search

[email protected]CVE-2008-4656

HistoryOct 22, 2008 - 12:11 a.m.

CVE-2008-4656

2008-10-2200:11:51

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

4656

sql injection

typo3

extension

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.8%

JSON

SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

typo3frontend_users_viewRange≤0.1.6

typo3frontend_users_viewMatch0.1.2

typo3frontend_users_viewMatch0.1.3

AND

typo3typo3

CPENameOperatorVersion
typo3:frontend_users_viewtypo3 frontend users viewle0.1.6
typo3:frontend_users_viewtypo3 frontend users vieweq0.1.2
typo3:frontend_users_viewtypo3 frontend users vieweq0.1.3

CPE	Name	Operator	Version
typo3:frontend_users_view	typo3 frontend users view	le	0.1.6
typo3:frontend_users_view	typo3 frontend users view	eq	0.1.2
typo3:frontend_users_view	typo3 frontend users view	eq	0.1.3

References

typo3.org/teams/security/security-bulletins/typo3-20081020-1/

www.securityfocus.com/bid/31843

www.vupen.com/english/advisories/2008/2870

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for CVE-2008-4656

nvd1 prion1 cvelist1