Tag: Security
Maintaining the “health” of your website is crucial and knowing that it is running securely is the most important question of all. Business websites need to be monitored, extended and updated on a regular basis. If you’re still running your website on an outdated TYPO3 version, gain peace of mind by opting for TYPO3 GmbH’s ELTS offer.
MULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE-1: Multiple security issues found in TYPO3 core
It has been discovered that the TYPO3 Core is vulnerable to Cross-site scripting, SQL-Injection, Remote shell command execution, Information Disclosure and insecure Install Tool authentication/session handling.
Read moreSECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COMMERCE-AND-T3M: Security issues in several third party TYPO3 extensions including commerce and t3m
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m), "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch" (ast_addresszipsearch), "Car" (car), "Event Registration" (event_registr), "Solidbase Bannermanagement" (SBbanner), "t3m_affiliate" (t3m_affiliate), "AJAX Chat" (vjchat)
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COOLURI-CWT-RESETBEPASSWORD-DATAMINTS-NEWSTICKER-GB-FENEWSSUBMIT-MAILFORM-MYTH-DOWNLOAD-PM-TOUR-TWITTERSEARCH-WS-ECARD-WS-GALLERY: Security issues in several third party TYPO3 extensions including cooluri, cwt_resetbepassword, datamints_newsticker, gb_fenewssubmit, mailform, myth_download, pm_tour, twittersearch, ws_ecard, ws_gallery
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password" (cwt_resetbepassword), "datamints Newsticker" (datamints_newsticker), "[Gobernalia] Front End News Submitter" (gb_fenewssubmit), "Mailform" (mailform), "Myth download" (myth_download), "Tour Extension" (pm_tour), "Twitter Search" (twittersearch), "Webesse E-Card" (ws_ecard), "Webesse Image Gallery" (ws_gallery)
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CIVSERV-CWT-COMMUNITY-AND-VE-GUESTBOOK: Security issues in several third party TYPO3 extensions including civserv, cwt_community and ve_guestbook
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Virtual Civil Services" (civserv), "Modern Guestbook / Commenting system" (ve_guestbook), "CWT Community" (cwt_community), "FrontEnd MP3 Player" (fe_mp3player), "Search In Tables" (fesearchintable), "Content Search" (gst_contentsearch), "Multilingual Alias" (multilingual_alias), "Myth Repository" (myth_repository), "References database" (t3references)
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-SR-FEUSER-REGISTER: Security issues in several third party TYPO3 extensions including sr_feuser_register
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Frontend User Registration" (sr_feuser_register), "A21glossary Advanced Output" (a21glossary_advanced_output), "ClickStream Analyzer (output)" (alternet_csa_out), "Directory Listing" (dir_listing), "Store Locator" (locator), "Userdata Create/Edit" (sg_userdata), "Versatile Calendar Extension (VCE)" (sk_calendar), "ultraCards" (th_ultracards), "Visitor Tracking" (ws_stats).
SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-CONTAIN-SECURITY-ISSUES: Several third party TYPO3 extensions contain security issues
Vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" (a21glossary), "Calendar Base" (cal), "Flat Manager" (flatmgr)
INFORMATION-DISCLOSURE-XSS-IN-TYPO3-CORE: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
IMPORTANT-SECURITY-BULLETIN-PRE-ANNOUNCEMENT: Important Security-Bulletin Pre-Announcement
Serious security issue found in TYPO3 core.
MULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE: Multiple security issues found in TYPO3 core
It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and Remote Command Execution.
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS: Security issues in several third party TYPO3 extensions
Security vulnerabilities have been discovered in the following third party TYPO3 extensions: "phpMyAdmin" (phpmyadmin), "DR Wiki - Typo3 Wiki extension" (dr_wiki), "WEC Discussion Forum" (wec_discussion), "Vox populi" (mv_vox_populi), "SB Universal Plugin" (SBuniplug), "Simple File Browser" (simplefilebrowser), "TU-Clausthal ODIN" (tuc_odin), "TU-Clausthal Staff" (tuc_staff), "WEBERkommunal Facilities" (wes_facilities).