SecurityFocus

TYPO3 SQL Injection vunerabilitie Mar 03 2005 05:08PM
Fabian Becker (neonomicus gmx de) (2 replies)

Re: TYPO3 3rd party extension (cmw_linklist) SQL Injection vunerability Mar 04 2005 01:06PM
Michael Shigorin (mike osdn org ua)

On Thu, Mar 03, 2005 at 05:08:30PM -0000, Fabian Becker wrote:
> Maybe someone will find a way to exploit this one in a
> maliceous way so get typo3 to update it's software!

Maybe someone will learn to use bug tracking systems for that
matter. :)

http://bugs.typo3.org/bug_view_advanced_page.php?bug_id=0000857

----------------------------------------------------------------------
xonx - 04.03.05 13:52 CET
----------------------------------------------------------------------
An updated version (1.4.2) of the extension has been uploaded to TER and
can be found on http://typo3.org/extensions/repository/list/cmw_linklist/
or via Extension Manager.
All users of this extension are strongly advised to immediatly update this
extension.
(latest patch is attached)

--
---- WBR, Michael Shigorin <mike (at) altlinux (dot) ru [email concealed]>
------ Linux.Kiev http://www.linux.kiev.ua/

[ reply ]

Re: TYPO3 SQL Injection vunerabilitie Mar 03 2005 11:06PM
Sebastian Wolfgarten (sebastian wolfgarten com) (2 replies)

Re: TYPO3 SQL Injection vunerabilitie Mar 04 2005 04:45PM
Michael Shigorin (mike osdn org ua)

RE: TYPO3 SQL Injection vunerabilitie Mar 04 2005 12:54AM
GulfTech Security Research (security gulftech org)