exploits , vulnerabilities , articles , TYPO3 Front End News Submitter Extension SQL Injection and Cross Site Scripting Vulnerabilities

Title	TYPO3 Front End News Submitter Extension SQL Injection and Cross Site Scripting Vulnerabilities
Published	2009-07-30-12:00AM
Updated	2009-07-30-05:34PM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Alexander Kellner, Cyrill Helg and Christian Seifert
Vulnerable	Typo3 Front End News Submitter 0.1
Not Vulnerable
Code	An attacker can exploit these issues via a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-10 WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
• 2009-12-10 Moodle Multiple Vulnerabilities
• 2009-12-10 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
• 2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
• 2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
• 2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
• 2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
• 2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability
• 2009-12-09 Polipo Malformed HTTP GET Request Memory Corruption Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 10 Dec 2009 23:47:53 +0000