TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
BID:51838
Info
TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
| Bugtraq ID: | 51838 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 02 2012 12:00AM |
| Updated: | Feb 02 2012 12:00AM |
| Credit: | Sebastian Böttger |
| Vulnerable: |
Typo3 Documents download 1.5.1 |
| Not Vulnerable: |
Typo3 Documents download 1.5.2 |
Discussion
TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
TYPO3 Documents download extension is prone to unspecified SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
TYPO3 Documents download versions priror to 1.5.2 are vulnerable.
TYPO3 Documents download extension is prone to unspecified SQL-injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
TYPO3 Documents download versions priror to 1.5.2 are vulnerable.
Exploit / POC
TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
An attacker can exploit the SQL-injection issue with a browser. To exploit a cross-site scripting issue the attacker must entice an unsuspecting victim to follow a malicious URI.
An attacker can exploit the SQL-injection issue with a browser. To exploit a cross-site scripting issue the attacker must entice an unsuspecting victim to follow a malicious URI.
Solution / Fix
TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
Solution:
An update is available. Please see the references for more information.
Solution:
An update is available. Please see the references for more information.
References
TYPO3 Documents Download Extension Cross Site Scripting and SQL Injection Vulnerabilities
References:
References: