Network Security Consulting Advisories Article
| Field | Value |
|---|---|
| Bugtraq ID | 54936 |
| Class | Input Validation Error |
| CVE | |
| Remote | Yes |
| Local | No |
| Published | Aug 09 2012 12:00AM |
| Updated | Aug 09 2012 12:00AM |
| Credit | Helmut Hummel and TYPO3 Security Team |
| Vulnerable | |
| Not Vulnerable | |
Security Discussion

The TYPO3 powermail extension is prone to a cross-site scripting vulnerability, an SQL-injection vulnerability, and a file upload vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to upload and execute arbitrary PHP files, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
TYPO3 powermail versions prior to 1.6.9 are vulnerable.
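The advisory names three classes of missing input handling (output escaping, query parameterisation and upload validation). The following PHP is an added illustrative example of the hardened form of each, written here as an editorial aid; it is not powermail or TYPO3 code, and the table name `tx_form`, the function names and the `ALLOWED_TYPES` list are assumptions chosen for the illustration.

```php
<?php
// Added example, not powermail/TYPO3 code. Shows the three sanitisation
// controls the advisory says were missing: parameterised SQL (SQL injection),
// context-aware output escaping (XSS) and a strict upload allowlist with a
// server-generated file name (arbitrary PHP upload).
declare(strict_types=1);

// --- 1. SQL injection: never build SQL by string interpolation -------------
function saveSubmission(PDO $db, string $name, string $email): void
{
    // Unsafe pattern (what insufficient sanitisation looks like):
    //   $db->exec("INSERT INTO tx_form (name, email) VALUES ('$name', '$email')");
    // Safe: placeholders are bound by the driver, so input is never parsed as SQL.
    $stmt = $db->prepare('INSERT INTO tx_form (name, email) VALUES (:name, :email)');
    $stmt->execute([':name' => $name, ':email' => $email]);
}

// --- 2. Cross-site scripting: escape at output time, for the HTML context ---
function renderField(string $label, string $value): string
{
    // Unsafe pattern:  return "<p>$label: $value</p>";
    $esc = static fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<p>' . $esc($label) . ': ' . $esc($value) . '</p>';
}

// --- 3. File upload: allowlist by extension AND content, rename on disk ----
// Hypothetical allowlist; a real deployment would tune it to the form's needs.
const ALLOWED_TYPES = [
    'pdf' => 'application/pdf',
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
];

// $file is one entry of $_FILES; $uploadDir should be outside the web root
// or served with script execution disabled.
function storeUpload(array $file, string $uploadDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    // The client-supplied name is untrusted: take only the final extension,
    // lower-cased, so names like "x.php.pdf" or "x.PnG" are judged by "pdf"/"png".
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED_TYPES[$ext])) {
        throw new RuntimeException('file type not allowed');
    }
    // Inspect the actual bytes rather than the MIME type the browser claimed.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    if ($finfo->file($file['tmp_name']) !== ALLOWED_TYPES[$ext]) {
        throw new RuntimeException('content does not match extension');
    }
    // Server-generated name: no user-controlled path component or secondary
    // extension (".php.pdf") ever reaches the filesystem.
    $target = rtrim($uploadDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('could not store upload');
    }
    return $target;
}
```

The upload check is the one most often done by half: validating the extension alone still lets a multi-extension name or a forged `Content-Type` through, which is why the example checks the file's real MIME type and then discards the original name entirely.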
Proof of Concept and Security Exploits

An attacker can exploit these issues through a browser.
Vendor updates are available. Please see the references for more information.
Security References