Tag: TYPO3 CMS

TYPO3-SA-2010-012: Multiple vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Open Redirection, SQL Injection, Broken Authentication and Session Management, Insecure Randomness, Information Disclosure, Arbitrary Code Execution

Read more

TYPO3-SA-2010-004: Vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Authentication Bypass for frontend users and Information Disclosure.

TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, SQL-Injection, Remote Command Execution, Information Disclosure and insecure Install Tool authentication/session handling.

TYPO3-SA-2009-001: Multiple vulnerabilities in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and Remote Command Execution.

TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core

It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).