TYPO3 News & Events Hub
What’s New & What’s Coming
Stay up to date with the latest TYPO3 news and announcements by subscribing to our RSS feed.
TYPO3-SECURITY-BULLETIN-20070716-1-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-FAQ: TYPO3 Security Bulletin 20070716-1: Cross Site Scripting vulnerability in faq
It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.
Mehr erfahrenTYPO3-20070716-2: Information Disclosure from phpmyadmin
An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo() information in special cases. The standalone version of phpmyadmin is not affected.
TYPO3-20070716-1: Cross Site Scripting vulnerability in faq
It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.
TYPO3-SECURITY-BULLETIN-TYPO3-20070712-1-MULTIPLE-VULNERABILITIES-IN-CIVSERV: TYPO3 Security Bulletin TYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found. Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
TYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found in the extension civserv: Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
TYPO3-SECURITY-BULLETIN-TYPO3-20070710-1-SQL-INJECTION-IN-FECHANGEPASSWORD: TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
TYPO3-SECURITY-BULLETIN-TYPO3-20070709-1-INCORRECT-AUTHENTICATION-IN-FTPBROWSER: TYPO3 Security Bulletin TYPO3-20070709-1: Incorrect authentication in ftpbrowser
It has been discovered that the extension ftpbrowser is doing incorrect authentication in some files, making it open for exploiting.
TYPO3-20070709-1: Incorrect authentication
It has been discovered that the extension ftpbrowser is doing incorrect authentication in some files, making it open for exploiting.
TYPO3-SECURITY-BULLETIN-TYPO3-20070703-1-MULTIPLE-VULNERABILITIES-IN-ALL-VARIANTS-OF-MYSQLDUMPER: TYPO3 Security Bulletin TYPO3-20070703-1: Multiple vulnerabilities in all variants of MySQLDumper
Multiple vulnerabilities have been found in the third party extension "mysqldumper". Full read/write access to the connected database and other related issues.