News
Vigil@nce: TYPO3, vulnerabilities of extensions
February 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of TYPO3 extensions in order to generate a Cross Site Scripting or to inject SQL code.
Severity: 2/4
Consequences: user access/rights, client access/rights, data reading
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 7
Creation date: 01/02/2010
IMPACTED PRODUCTS
TYPO3
DESCRIPTION OF THE VULNERABILITY
An attacker can use several vulnerabilities of TYPO3 extensions.
An attacker can generate SQL injections and Cross Site Scriptings in the T3BLOG (t3blog) extension. [grav:2/4; BID-38030, TYPO3-SA-2010-002]
An attacker can generate a SQL injection in the Event Manager (eventmanagement) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can generate a SQL injection in the Game Article DB (game_articledb) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can generate a SQL injection and a Cross Site Scripting in the Simple career (ml_career) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can generate a SQL injection in the Surprise Calendar (ml_surprisecalendar) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can generate a Cross Site Scripting in the Search Api Ajax Google (searchajaxgoogle) extension. [grav:2/4; TYPO3-SA-2010-003]
An attacker can obtain information via the Download Manager (spr_downloadmanager) extension. [grav:1/4; TYPO3-SA-2010-003]
CHARACTERISTICS
Identifiers: BID-38030, TYPO3-SA-2010-002, TYPO3-SA-2010-003, VIGILANCE-VUL-9394
