TYPO3 News & Events Hub
What’s new & what’s comin’
FLOW3 1.0.0 alpha 4 released
The FLOW3 Core Team is proud to announce the fourth alpha release of FLOW3!
Read moreLast Friday each month is Bug Day!
If you're an extension developer and never really got around the TYPO3 core, this is your chance to get insight.
Top speakers at T3CON09
Get your tickets for this years TYPO3 Conference T3CON09 while prices are still low! As of September 1st ticket prices will go up a bit.
FLOW3 1.0.0 alpha 3 released
The FLOW3 Core Team is proud to announce the third alpha release of FLOW3 and a brand new tutorial!
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COMMERCE-AND-T3M: Security issues in several third party TYPO3 extensions including commerce and t3m
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m), "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch" (ast_addresszipsearch), "Car" (car), "Event Registration" (event_registr), "Solidbase Bannermanagement" (SBbanner), "t3m_affiliate" (t3m_affiliate), "AJAX Chat" (vjchat)
TYPO3-SA-2009-013: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch" (ast_addresszipsearch), "Car" (car), "Event Registration" (event_registr), "Solidbase Bannermanagement" (SBbanner), "t3m_affiliate" (t3m_affiliate), "AJAX Chat" (vjchat)
TYPO3-SA-2009-012: Blind SQL Injection vulnerability in extension T3M E-Mail Marketing Tool (t3m)
It has been discovered that the extension T3M E-Mail Marketing Tool (t3m) is vulnerable to Blind SQL Injection attacks.
TYPO3-SA-2009-011: Cross-Site Scripting vulnerability in extension Commerce (commerce)
It has been discovered that the extension Commerce (commerce) is vulnerable to Cross-Site Scripting attacks.
TYPO3 Association Quarterly Report
TYPO3-SA-2009-010: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker" (datamints_newsticker), "[Gobernalia] Front End News Submitter" (gb_fenewssubmit), "Mailform" (mailform), "Myth download" (myth_download), "Tour Extension" (pm_tour), "Twitter Search" (twittersearch), "Webesse E-Card" (ws_ecard) and "Webesse Image Gallery" (ws_gallery)