RETIRED: TYPO3 Store Locator Extension Multiple Unspecified Security Vulnerabilities

The Store Locator extension for TYPO3 is prone to a cross-site scripting vulnerability, a security vulnerability and an SQL-injection vulnerability.

Attackers can exploit these issues to execute arbitrary code in the context of the browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database; other attacks are also possible.

Store Locator 3.1.4 and prior are vulnerable.

This BID is being retired. The following individual records exist to better document the issues:

61899 TYPO3 Store Locator Extension CVE-2013-5304 Unspecified SQL Injection Vulnerability
61895 TYPO3 Store Locator Extension CVE-2013-5305 Unspecified Cross Site Scripting Vulnerability
61897 TYPO3 Store Locator Extension CVE-2013-5303 Unspecified Security Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus