Lucene search
RedhatCVELIST:CVE-2010-5099HistoryMay 30, 2012 - 8:00 p.m.
CVE-2010-5099
2012-05-3020:00:00
redhat
raw.githubusercontent.com
1
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.
Related
prion
prion
Path traversal
2012-05-30 20:55:00
Design/Logic Flaw
2010-10-25 20:01:00
Code injection
2010-10-25 20:01:00
ubuntucve
ubuntucve
cve
cve
CVE-2010-5099
2012-05-30 20:55:02
CVE-2010-3714
2010-10-25 20:01:04
cvelist
cvelist
CVE-2010-3714
2010-10-25 19:00:00
CVE-2010-4068
2022-10-03 16:21:03
packetstorm
packetstorm
TYPO3 Unauthenticated Arbitrary File Retrieval
2010-12-29 00:00:00
exploitpack
exploitpack
TYPO3 - Arbitrary File Retrieval
2010-12-29 00:00:00
osv
osv
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
2022-05-17 05:28:57
typo3-src - several vulnerabilities
2010-10-19 00:00:00
github
github
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
2022-05-17 05:28:57
seebug
seebug
TYPO3 Unauthenticated Arbitrary File Retrieval
2014-07-01 00:00:00
exploitdb
exploitdb
TYPO3 - Arbitrary File Retrieval
2010-12-29 00:00:00
openvas
openvas
Debian Security Advisory DSA 2121-1 (typo3-src)
2010-11-17 00:00:00
TYPO3 Multiple Vulnerabilities (Oct 2010)
2014-01-09 00:00:00
Debian: Security Advisory (DSA-2121-1)
2010-11-17 00:00:00
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 2121-1] New TYPO3 packages fix several vulnerabilities
2010-10-19 20:07:20
nessus
nessus
Debian DSA-2121-1 : typo3-src - several vulnerabilities
2010-10-20 00:00:00
typo3
typo3
Multiple vulnerabilities in TYPO3 Core
2010-12-16 00:00:00