TYPO3 News & Events Hub

• Developer & Technology
• Security

SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COOLURI-CWT-RESETBEPASSWORD-DATAMINTS-NEWSTICKER-GB-FENEWSSUBMIT-MAILFORM-MYTH-DOWNLOAD-PM-TOUR-TWITTERSEARCH-WS-ECARD-WS-GALLERY: Security issues in several third party TYPO3 extensions including cooluri, cwt_resetbepassword, datamints_newsticker, gb_fenewssubmit, mailform, myth_download, pm_tour, twittersearch, ws_ecard, ws_gallery

• News team

30 July 2009

Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker" (datamints_newsticker), "[Gobernalia] Front End News Submitter" (gb_fenewssubmit), "Mailform" (mailform), "Myth download" (myth_download), "Tour Extension" (pm_tour), "Twitter Search" (twittersearch), "Webesse E-Card" (ws_ecard), "Webesse Image Gallery" (ws_gallery)

Read more

• Developer & Technology

TYPO3 4.2.8, 4.1.12 and 4.0.13

• News team

03 July 2009

The TYPO3 Core Team announces versions 4.2.8, 4.1.12 and 4.0.13 of the TYPO3 Enterprise Content Management System.

• Developer & Technology

FLOW3 1.0.0 alpha 2 released

• Robert Lemke

01 July 2009

The FLOW3 Core Team is proud to announce the second alpha release of FLOW3!

• Showcase & Success

TYPO3 and FLOW3 in the finals of SFCCA (vote!)

• Robert Lemke

23 June 2009

TYPO3 and FLOW3 each reached the finals of this year's SourceForge Community Choice Awards!

• Security

TYPO3-SA-2009-009: Cross-Site Scripting vulnerability in extension Modern Guestbook / Commenting System (ve_guestbook)

• Marcus Krause

16 June 2009

It has been discovered that the extension Modern Guestbook / Commenting system (ve_guestbook) is vulnerable to Cross-Site Scripting.

• Security

TYPO3-SA-2009-008: Multiple vulnerabilities in third party extensions

• Marcus Krause

16 June 2009

Several vulnerabilities have been found in the following third party TYPO3 extensions: "FrontEnd MP3 Player" (fe_mp3player), "Search In Tables" (fesearchintable), "Content Search" (gst_contentsearch), "Multilingual Alias" (multilingual_alias), "Myth Repository" (myth_repository) and "References database" (t3references)

• Security

TYPO3-SA-2009-007: TYPO3 Security Bulletin

• 

16 June 2009

It has been discovered that the extension Virtual Civil Services (civserv) is vulnerable to SQL-injections.

• Security

TYPO3-SA-2009-006: TYPO3 Security Bulletin

• 

16 June 2009

It has been discovered that the extension CWT Community (cwt_community) is vulnerable to SQL-injections.

• Developer & Technology
• Security

SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CIVSERV-CWT-COMMUNITY-AND-VE-GUESTBOOK: Security issues in several third party TYPO3 extensions including civserv, cwt_community and ve_guestbook

• News team

16 June 2009

Several vulnerabilities have been found in the following third party TYPO3 extensions: "Virtual Civil Services" (civserv), "Modern Guestbook / Commenting system" (ve_guestbook), "CWT Community" (cwt_community), "FrontEnd MP3 Player" (fe_mp3player), "Search In Tables" (fesearchintable), "Content Search" (gst_contentsearch), "Multilingual Alias" (multilingual_alias), "Myth Repository" (myth_repository), "References database" (t3references)

• The Project

TYPO3 Association Q&A Session in Lübeck

• News team

05 June 2009

On June 25th, 2009 the TYPO3 Associations next Q&A (Question and Answer) Session will take place in Lübeck, Germany.