Description

SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2007-6381

Related Vulnerabilities

WordPress Plugin WP Database Backup Cross-Site Scripting (5.1.1)

WordPress Plugin Tooltipy (tooltips for WP) Multiple Vulnerabilities (5.0.2)

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2013-6358)

Squid Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-19132)

Drupal Other Vulnerability (CVE-2005-0682)

Severity

Medium

Classification

CVE-2007-6381 CWE-138

Tags

Missing Update Known Vulnerabilities