Description
** DISPUTED ** SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core."
Remediation
References
Related Vulnerabilities
Drupal Core 7.x Security Bypass (7.0 - 7.87)
WordPress Plugin WP Reroute Email SQL Injection (1.4.6)
Envoy Proxy Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2021-32780)
MongoDb CVE-2024-6384 Vulnerability (CVE-2024-6384)
Apache Tomcat Improper Resource Shutdown or Release Vulnerability (CVE-2022-25762)