TYPO3 News & Events Hub
What’s new & what’s comin’
TYPO3-SECURITY-BULLETIN-TYPO3-20070712-1-MULTIPLE-VULNERABILITIES-IN-CIVSERV: TYPO3 Security Bulletin TYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found. Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
Read moreTYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found in the extension civserv: Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
TYPO3-SECURITY-BULLETIN-TYPO3-20070710-1-SQL-INJECTION-IN-FECHANGEPASSWORD: TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
TYPO3-SECURITY-BULLETIN-TYPO3-20070709-1-INCORRECT-AUTHENTICATION-IN-FTPBROWSER: TYPO3 Security Bulletin TYPO3-20070709-1: Incorrect authentication in ftpbrowser
It has been discovered that the extension ftpbrowser is doing incorrect authentication in some files, making it open for exploiting.
TYPO3-20070709-1: Incorrect authentication
It has been discovered that the extension ftpbrowser is doing incorrect authentication in some files, making it open for exploiting.
TYPO3-SECURITY-BULLETIN-TYPO3-20070703-1-MULTIPLE-VULNERABILITIES-IN-ALL-VARIANTS-OF-MYSQLDUMPER: TYPO3 Security Bulletin TYPO3-20070703-1: Multiple vulnerabilities in all variants of MySQLDumper
Multiple vulnerabilities have been found in the third party extension "mysqldumper". Full read/write access to the connected database and other related issues.
TYPO3-20070703-1: Multiple vulnerabilities in all variants of MySQLDumper
Multiple vulnerabilities have been found in the third party extension "mysqldumper". Full read/write access to the connected database and other related issues.