Security Advisories

TYPO3 Extensions

TYPO3-EXT-SA-2013-013: Several vulnerabilities in third party extensions

Marcus Krause

05 August 2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: browser, ke_search, locator, realurlmanagement, wfqbe

Mehr erfahren

TYPO3 Extensions

TYPO3-EXT-SA-2013-012: Several vulnerabilities in extension Formhandler (formhandler)

Marcus Krause

05 August 2013

It has been discovered that the extension "Formhandler" (Formhandler) is vulnerable to SQL-Injection, Arbitrary Code Execution and Authentication Bypass.

TYPO3 Extensions

TYPO3-EXT-SA-2013-011: Cross-Site Scripting vulnerability in extension Front End User Registration (sr_feuser_register)

Marcus Krause

05 August 2013

It has been discovered that the extension "Front End User Registration" (sr_feuser_register) is vulnerable to Cross-Site Scripting.

Product Updates & Roadmap
TYPO3 CMS

TYPO3-CORE-SA-2013-002: Cross-Site Scripting and Remote Code Execution Vulnerability in TYPO3 Core

Georg Ringer

30 Juli 2013

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting and Remote Code Execution

TYPO3 Extensions

TYPO3-EXT-SA-2013-010: SQL Injection vulnerability in extension Multishop (multishop)

Marcus Krause

03 Juni 2013

It has been discovered that the extension "Multishop" (multishop) is vulnerable to SQL-Injection.

TYPO3 Extensions

TYPO3-EXT-SA-2013-007: Several vulnerabilities in third party extensions

Marcus Krause

03 Juni 2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: accessible_is_browse_results, maag_formcaptcha, meta_feedit, rzautocomplete, sb_folderdownload, sg_zfelib, sg_zlib, tq_seo