Description
** DISPUTED ** SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core."
Remediation
References
Related Vulnerabilities
WordPress Other Vulnerability (CVE-2007-1622)
phpMyAdmin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-9866)
WordPress Plugin Phoenix Media Rename Security Bypass (3.4.2)
SharePoint Improper Certificate Validation Vulnerability (CVE-2019-1006)
WordPress Plugin Popup Anything-A Marketing Popup Cross-Site Scripting (2.0.3)