TYPO3 News & Events Hub
What’s New & What’s Coming
TYPO3-20080515-2: Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)
It has been discovered that the extension Frontend Filemanager (air_filemanager) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
Read moreSECURITY-BULLETIN-TYPO3-20080515-2-MULTIPLE-VULNERABILITIES-IN-EXTENSION-FRONTEND-FILEMANAGER-AIR-FILEMANAGER: Security Bulletin TYPO3-20080515-2: Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)
It has been discovered that the extension Frontend Filemanager (air_filemanager) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
SECURITY-BULLETIN-TYPO3-20080515-1-MULTIPLE-VULNERABILITIES-IN-EXTENSION-FRONTEND-USER-REGISTRATION-SR-FEUSER-REGISTER: Security Bulletin TYPO3-20080515-1: Multiple vulnerabilities in extension Frontend User Registration (sr_feuser_register)
It has been discovered that the extension Frontend User Registration (sr_feuser_register) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Command Execution.
TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)
It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.
TYPO3-20080513-3: Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)
It has been discovered that the extension Event Database (rlmp_eventdb) is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080513-2: Cross Site Scripting vulnerability in extension Questionaire (pbsurvey)
It has been discovered that the extension Questionaire (pbsurvey) is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080513-1: Multiple vulnerabilities in extension WT Gallery (wt_gallery)
It has been discovered that the extension wt_gallery is susceptible to Path Traversal and Cross Site Scripting (XSS) attacks. Besides that, it may disclose sensitive information.
SECURITY-BULLETIN-TYPO3-20080513-4-MULTIPLE-VULNERABILITIES-IN-EXTENSION-STATISTICS-KE-STATS: Security Bulletin TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)
It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.
SECURITY-BULLETIN-TYPO3-20080513-3-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-EVENT-DATABASE-RLMP-EVENTDB: Security Bulletin TYPO3-20080513-3: Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)
It has been discovered that the extension Event Database (rlmp_eventdb) is susceptible to Cross Site Scripting (XSS) attacks.
SECURITY-BULLETIN-TYPO3-20080513-2-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-QUESTIONAIRE-PBSURVEY: Security Bulletin TYPO3-20080513-2: Cross Site Scripting vulnerability in extension Questionaire (pbsurvey)
It has been discovered that the extension Questionaire (pbsurvey) is susceptible to Cross Site Scripting (XSS) attacks.