4 matches found
Sql injection
DISPUTED SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in...
CVE-2009-4855
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYP...
CVE-2009-4855
TYPO3 4.0 is affected by a SQL injection vulnerability in index.php via the showUid parameter. The root cause is an injectable showUid value, enabling remote attackers to alter SQL commands. The TYPO3 Security Team disputes the report, noting the showUid parameter is commonly used in third‑party ...
PT-2010-1663 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 version 4.0 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the showUid parameter in index.php. However, the TYPO3 Security Team disputes this report, stating that the showUid parameter i...