>> TYPO3 "indexed_search" System Extension SQL Injection Vulnerability
Title : TYPO3 "indexed_search" System Extension SQL Injection Vulnerability VUPEN ID : VUPEN/ADV-2007-4205 CVE ID : CVE-2007-6381
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2007-12-13
Technical Description
A vulnerability has been identified in TYPO3, which could be exploited by malicious users to conduct SQL injection attacks. This issue is caused by an input validation error in the "indexed_search" system extension when processing user-supplied data, which could be exploited by authenticated attackers to inject arbitrary SQL queries.
