Security Advisories
All Advisories
TYPO3-20080513-1: Multiple vulnerabilities in extension WT Gallery (wt_gallery)
It has been discovered that the extension wt_gallery is susceptible to Path Traversal and Cross Site Scripting (XSS) attacks. Besides that, it may disclose sensitive information.
Read moreSECURITY-BULLETIN-TYPO3-20080513-4-MULTIPLE-VULNERABILITIES-IN-EXTENSION-STATISTICS-KE-STATS: Security Bulletin TYPO3-20080513-4: Multiple vulnerabilities in extension Statistics (ke_stats)
It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.
SECURITY-BULLETIN-TYPO3-20080513-3-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-EVENT-DATABASE-RLMP-EVENTDB: Security Bulletin TYPO3-20080513-3: Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)
It has been discovered that the extension Event Database (rlmp_eventdb) is susceptible to Cross Site Scripting (XSS) attacks.
SECURITY-BULLETIN-TYPO3-20080513-2-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-QUESTIONAIRE-PBSURVEY: Security Bulletin TYPO3-20080513-2: Cross Site Scripting vulnerability in extension Questionaire (pbsurvey)
It has been discovered that the extension Questionaire (pbsurvey) is susceptible to Cross Site Scripting (XSS) attacks.
SECURITY-BULLETIN-TYPO3-20080513-1-MULTIPLE-VULNERABILITIES-IN-EXTENSION-WT-GALLERY-WT-GALLERY: Security Bulletin TYPO3-20080513-1: Multiple vulnerabilities in extension WT Gallery (wt_gallery)
It has been discovered that the extension WT Gallery (wt_gallery) is susceptible to Path Traversal and Cross Site Scripting (XSS) attacks. Besides that, it may disclose sensitive information.
TYPO3-20080505-2: Cross Site Scripting vulnerability in extension powermail
It has been discovered that the extension powermail is susceptible to Cross Site Scripting (XSS) attacks.
TYPO3-20080505-1: Multiple vulnerabilities in extension MailformPlus (th_mailformplus)
It has been discovered that the extension MailformPlus (th_mailformplus) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
SECURITY-BULLETIN-TYPO3-20080505-2-CROSS-SITE-SCRIPTING-VULNERABILITY-IN-EXTENSION-POWERMAIL: Security Bulletin TYPO3-20080505-2: Cross Site Scripting vulnerability in extension powermail
It has been discovered that the extension powermail is susceptible to Cross Site Scripting (XSS) attacks.
SECURITY-BULLETIN-TYPO3-20080505-1-MULTIPLE-VULNERABILITIES-IN-EXTENSION-MAILFORMPLUS-TH-MAILFORMPLUS: Security Bulletin TYPO3-20080505-1: Multiple vulnerabilities in extension MailformPlus (th_mailformplus)
It has been discovered that the extension MailformPlus (th_mailformplus) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.
TYPO3-20080416-2: Vulnerabilities in extensions in pmk_rssnewsexport and scm_rdfexport
It has been discovered that the extensions pmk_rssnewsexport and cm_rdfexport are vulnerable to SQL Injection attacks.