Tag: TYPO3 CMS
TYPO3-SA-2010-012: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Open Redirection, SQL Injection, Broken Authentication and Session Management, Insecure Randomness, Information Disclosure, Arbitrary Code Execution
Read moreTYPO3-SA-2010-008: Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Remote Command Execution.
TYPO3-SA-2010-004: Vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Authentication Bypass for frontend users and Information Disclosure.
TYPO3-SA-2010-001: Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to authentication bypass.
TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, SQL-Injection, Remote Command Execution, Information Disclosure and insecure Install Tool authentication/session handling.
TYPO3-SA-2009-002: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
TYPO3-SA-2009-001: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and Remote Command Execution.
TYPO3-20081113-2: Cross-Site Scripting vulnerability in TYPO3 Core
It has been discovered that the frontend plugin of system extension "felogin" is vulnerable to Cross-Site Scripting (XSS).
TYPO3-20081113-1: Cross-Site Scripting vulnerability in TYPO3 Core
It has been discovered that the backend module "file" is vulnerable to Cross-Site Scripting (XSS).
TYPO3-20080611-1: Multiple vulnerabilities in TYPO3 Core
It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).