• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

TYPO3 'indexed_search' Extension SQL Injection Vulnerability

Bugtraq ID:	26871
Class:	Input Validation Error
CVE:	CVE-2007-6381
Remote:	Yes
Local:	No
Published:	Dec 10 2007 12:00AM
Updated:	Jan 03 2008 02:10PM
Credit:	Henning Pingel is credited with the discovery of this vulnerability.
Vulnerable:	Typo3 Typo3 4.0.5 Typo3 Typo3 4.0.4 Typo3 Typo3 4.0.3 Typo3 Typo3 4.0.2 Typo3 Typo3 4.0.1 Typo3 Typo3 3.7 .0 Typo3 Typo3 3.6.2 Typo3 Typo3 3.5 b5 Typo3 Typo3 3.5 .0 Typo3 Typo3 4.1beta Typo3 Typo3 4.1 RC1 Typo3 Typo3 4.0 Typo3 Typo3 3.8 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0
Not Vulnerable:	Typo3 Typo3 4.1.4 Typo3 Typo3 4.0.8