Lucene search

MitreCVE-2013-4682

HistoryJun 25, 2013 - 6:55 p.m.

CVE-2013-4682

2013-06-2518:55:01

CWE-89

mitre

web.nvd.nist.gov

cve-2013-4682

sql injection

multishop extension

typo3

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Affected configurations

Nvd

Node

bas_van_beekmultishopRange≤2.0.38

bas_van_beekmultishopMatch0.0.2

bas_van_beekmultishopMatch0.0.3

bas_van_beekmultishopMatch0.0.4

bas_van_beekmultishopMatch0.0.5

bas_van_beekmultishopMatch0.0.6

bas_van_beekmultishopMatch0.0.7

bas_van_beekmultishopMatch0.0.8

bas_van_beekmultishopMatch0.0.9

bas_van_beekmultishopMatch0.0.10

bas_van_beekmultishopMatch0.0.11

bas_van_beekmultishopMatch0.0.12

bas_van_beekmultishopMatch0.0.13

bas_van_beekmultishopMatch0.0.14

bas_van_beekmultishopMatch0.0.15

bas_van_beekmultishopMatch0.0.16

bas_van_beekmultishopMatch0.0.17

bas_van_beekmultishopMatch0.0.18

bas_van_beekmultishopMatch0.0.19

bas_van_beekmultishopMatch0.0.20

bas_van_beekmultishopMatch1.0.0

bas_van_beekmultishopMatch1.0.1

bas_van_beekmultishopMatch1.0.2

bas_van_beekmultishopMatch1.0.3

bas_van_beekmultishopMatch1.0.4

bas_van_beekmultishopMatch1.0.5

bas_van_beekmultishopMatch1.0.6

bas_van_beekmultishopMatch1.0.7

bas_van_beekmultishopMatch1.0.8

bas_van_beekmultishopMatch1.0.9

bas_van_beekmultishopMatch1.0.10

bas_van_beekmultishopMatch1.0.11

bas_van_beekmultishopMatch1.0.12

bas_van_beekmultishopMatch1.0.13

bas_van_beekmultishopMatch1.0.14

bas_van_beekmultishopMatch1.0.15

bas_van_beekmultishopMatch1.0.16

bas_van_beekmultishopMatch1.0.17

bas_van_beekmultishopMatch1.0.18

bas_van_beekmultishopMatch1.0.19

bas_van_beekmultishopMatch1.0.20

bas_van_beekmultishopMatch1.0.21

bas_van_beekmultishopMatch1.0.22

bas_van_beekmultishopMatch1.0.23

bas_van_beekmultishopMatch1.0.24

bas_van_beekmultishopMatch1.0.25

bas_van_beekmultishopMatch1.0.26

bas_van_beekmultishopMatch1.0.27

bas_van_beekmultishopMatch1.0.28

bas_van_beekmultishopMatch1.0.29

bas_van_beekmultishopMatch1.0.30

bas_van_beekmultishopMatch1.0.31

bas_van_beekmultishopMatch1.0.32

bas_van_beekmultishopMatch1.0.33

bas_van_beekmultishopMatch1.0.34

bas_van_beekmultishopMatch1.0.35

bas_van_beekmultishopMatch1.0.36

bas_van_beekmultishopMatch1.0.37

bas_van_beekmultishopMatch1.0.38

bas_van_beekmultishopMatch1.0.39

bas_van_beekmultishopMatch2.0.0

bas_van_beekmultishopMatch2.0.1

bas_van_beekmultishopMatch2.0.2

bas_van_beekmultishopMatch2.0.3

bas_van_beekmultishopMatch2.0.4

bas_van_beekmultishopMatch2.0.5

bas_van_beekmultishopMatch2.0.6

bas_van_beekmultishopMatch2.0.7

bas_van_beekmultishopMatch2.0.8

bas_van_beekmultishopMatch2.0.9

bas_van_beekmultishopMatch2.0.10

bas_van_beekmultishopMatch2.0.11

bas_van_beekmultishopMatch2.0.12

bas_van_beekmultishopMatch2.0.13

bas_van_beekmultishopMatch2.0.14

bas_van_beekmultishopMatch2.0.15

bas_van_beekmultishopMatch2.0.16

bas_van_beekmultishopMatch2.0.17

bas_van_beekmultishopMatch2.0.18

bas_van_beekmultishopMatch2.0.19

bas_van_beekmultishopMatch2.0.20

bas_van_beekmultishopMatch2.0.21

bas_van_beekmultishopMatch2.0.22

bas_van_beekmultishopMatch2.0.23

bas_van_beekmultishopMatch2.0.24

bas_van_beekmultishopMatch2.0.25

bas_van_beekmultishopMatch2.0.26

bas_van_beekmultishopMatch2.0.28

bas_van_beekmultishopMatch2.0.29

bas_van_beekmultishopMatch2.0.31

bas_van_beekmultishopMatch2.0.32

bas_van_beekmultishopMatch2.0.33

bas_van_beekmultishopMatch2.0.34

bas_van_beekmultishopMatch2.0.35

bas_van_beekmultishopMatch2.0.36

bas_van_beekmultishopMatch2.0.37

AND

typo3typo3Match-

VendorProductVersionCPE
bas_van_beekmultishop*cpe:2.3:a:bas_van_beek:multishop:*:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.2cpe:2.3:a:bas_van_beek:multishop:0.0.2:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.3cpe:2.3:a:bas_van_beek:multishop:0.0.3:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.4cpe:2.3:a:bas_van_beek:multishop:0.0.4:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.5cpe:2.3:a:bas_van_beek:multishop:0.0.5:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.6cpe:2.3:a:bas_van_beek:multishop:0.0.6:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.7cpe:2.3:a:bas_van_beek:multishop:0.0.7:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.8cpe:2.3:a:bas_van_beek:multishop:0.0.8:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.9cpe:2.3:a:bas_van_beek:multishop:0.0.9:*:*:*:*:*:*:*
bas_van_beekmultishop0.0.10cpe:2.3:a:bas_van_beek:multishop:0.0.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
bas_van_beek	multishop	*	cpe:2.3:a:bas_van_beek:multishop::::::::
bas_van_beek	multishop	0.0.2	cpe:2.3:a:bas_van_beek:multishop:0.0.2:::::::*
bas_van_beek	multishop	0.0.3	cpe:2.3:a:bas_van_beek:multishop:0.0.3:::::::*
bas_van_beek	multishop	0.0.4	cpe:2.3:a:bas_van_beek:multishop:0.0.4:::::::*
bas_van_beek	multishop	0.0.5	cpe:2.3:a:bas_van_beek:multishop:0.0.5:::::::*
bas_van_beek	multishop	0.0.6	cpe:2.3:a:bas_van_beek:multishop:0.0.6:::::::*
bas_van_beek	multishop	0.0.7	cpe:2.3:a:bas_van_beek:multishop:0.0.7:::::::*
bas_van_beek	multishop	0.0.8	cpe:2.3:a:bas_van_beek:multishop:0.0.8:::::::*
bas_van_beek	multishop	0.0.9	cpe:2.3:a:bas_van_beek:multishop:0.0.9:::::::*
bas_van_beek	multishop	0.0.10	cpe:2.3:a:bas_van_beek:multishop:0.0.10:::::::*

Rows per page:

1-10 of 971

References

secunia.com/advisories/53441

typo3.org/extensions/repository/view/multishop

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009-1/

www.securityfocus.com/bid/60271

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.7

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

Related for CVE-2013-4682