Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-4855. PoCs published by Ro0T-MaFia.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in TYPO3 CMS 4.0. It provides a URL pattern for exploitation and a sample SQL injection payload but does not include executable code.
Description
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote attackers to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is generally used in third-party TYPO3 extensions - not in TYPO3 Core.
Exploits (1)
This is a writeup describing a SQL injection vulnerability in TYPO3 CMS 4.0. It provides a URL pattern for exploitation and a sample SQL injection payload but does not include executable code.