TYPO3 Industry Database Security Bypass Vulnerability
BID:30047
Info
TYPO3 Industry Database Security Bypass Vulnerability
| Bugtraq ID: | 30047 |
| Class: | Access Validation Error |
| CVE: |
CVE-2008-3045 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 01 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | Michael Kornowski |
| Vulnerable: |
Typo3 Industry Database 1.0 |
| Not Vulnerable: |
Typo3 Industry Database 1.0.2 |
Discussion
TYPO3 Industry Database Security Bypass Vulnerability
Industry Database is prone to a vulnerability that may allow unauthorized users to modify data owned by other users.
This issue affects Industry Database 1.0.0 and prior versions.
Industry Database is prone to a vulnerability that may allow unauthorized users to modify data owned by other users.
This issue affects Industry Database 1.0.0 and prior versions.
Exploit / POC
TYPO3 Industry Database Security Bypass Vulnerability
Attackers can exploit this issue via a browser.
Attackers can exploit this issue via a browser.
Solution / Fix
TYPO3 Industry Database Security Bypass Vulnerability
Solution:
The vendor has released a fix. Please see the references for more information.
Typo3 Industry Database 1.0
Solution:
The vendor has released a fix. Please see the references for more information.
Typo3 Industry Database 1.0
-
Typo3 pro_industrydb_1.0.2.t3x
http://typo3.org/fileadmin/ter/p/r/pro_industrydb_1.0.2.t3x
References
TYPO3 Industry Database Security Bypass Vulnerability
References:
References: