Summary
This host is installed with TYPO3 and is prone to command execution vlnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitary commands.
Impact Level: System/Application
Solution
Upgrade to TYPO3 version 4.0.4 or later,
For updates,
http://typo3.org/
Insight
An error exists in the rtehtmlarea extension, which fails to properly validate user supplied input to "userUid" parameter
Affected
TYPO3 version before 4.0.3
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2006-6690 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- Advanced Guestbook Index.PHP SQL Injection Vulnerability
- artmedic_links5 File Inclusion Vulnerability
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- AVTECH DVR Multiple Vulnerabilities