Lucene search

[email protected]CVE-2009-4390

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4390

2022-10-0316:24:03

CWE-89

[email protected]

web.nvd.nist.gov

cve-2009-4390

sql injection

car extension

typo3

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

46.8%

JSON

SQL injection vulnerability in the Car (car) extension 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

NVD

Node

jochen_riegercarMatch0.1.1

AND

typo3typo3

CPENameOperatorVersion
jochen_rieger:carjochen rieger careq0.1.1

CPE	Name	Operator	Version
jochen_rieger:car	jochen rieger car	eq	0.1.1

References

typo3.org/teams/security/security-bulletins/typo3-sa-2009-020/

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

46.8%

JSON

Related for CVE-2009-4390

nvd1 prion1 cvelist1