TYPO3 News & Events Hub
What’s New & What’s Coming
T3CON07: Slides of 5.0-related talks online
After the TYPO3 Conference 2007 in Karlsruhe the slides of all talks related to TYPO3 5.0 are available for download. Robert Lemke and Daniel Hinderink outline benefits of the new architecture for developers and business alike.Robert Lemke explains...
Read moreUsing PHP with mod_fcgid
The upcoming version 4.2 of TYPO3 will depend on PHP 5.2. Here is some help on migrating your server.
TYPO3 Security Bulletin 20070919-1: Multiple vulnerabilities in extension mm_forum
It has been discovered that the extension mm_forum is vulnerable to multiple SQL Injection attacks and multiple XSS flaws alongside other vulnerabilities.
TYPO3 4.2 Alpha 1
The core team is proud to announce the first Alpha of TYPO3 version 4.2.
TYPO3 present at FrOSCon open source conference
The Department of Computer Science of the University of Applied Sciences Bonn-Rhein-Sieg is again organising the Froscon conference. FrOSCon is a two day conference on Free Software and Open Source, taking place for the second time on August,...
Roadmap to TYPO3 4.2
The TYPO3 Core Team is proud to announce the roadmap for the upcoming 4.2 release of the TYPO3 Enterprise Content Managment System.
TYPO3 Security Bulletin 20070801-1: Multiple vulnerabilities in extension ve_guestbook
It has been discovered that the extension ve_guestbook is vulnerable to SQL Injection attacks. Also, a Cross Site Scripting issue has been detected.
Multiple vulnerabilities in extension ve_guestbook
It has been discovered that the extension ve_guestbook is vulnerable to SQL Injection attacks. Also, a Cross Site Scripting issue has been detected.
T3N Magazine releases five current TYPO3 Articles
It is time again for a bunch of T3N articles - seven pages from the current issue (No. 8) have been translated for your reading pleasure.
TYPO3 Security Bulletin 20070719-1: Remote shell command execution in extensions embedding PHPMailer
Multiple TYPO3 extensions is affected by the third party tool PHPMailer, which is vulnerable to a remote shell command execution.
Remote shell command execution in extensions embedding PHPMailer
Multiple TYPO3 extensions is affected by the third party tool PHPMailer, which is vulnerable to a remote shell command execution.
TYPO3 4.1.2 and 4.0.7
The TYPO3 Core Team announces versions 4.1.2 and 4.0.7 of the TYPO3 Enterprise Content Management System.
TYPO3 Security Bulletin TYPO3-20070716-2: Information Disclosure from Extension phpmyadmin
An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo() information in special cases. The standalone version of phpmyadmin is not affected.
TYPO3 Security Bulletin 20070716-1: Cross Site Scripting vulnerability in faq
It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.
Information Disclosure from phpmyadmin
An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo() information in special cases. The standalone version of phpmyadmin is not affected.
Cross Site Scripting vulnerability in faq
It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.
TYPO3 Security Bulletin TYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found. Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found in the extension civserv: Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.