Lucene search
MitreCVELIST:CVE-2023-30451HistoryDec 25, 2023 - 12:00 a.m.
CVE-2023-30451
2023-12-2500:00:00
mitre
www.cve.org
1
typo3
11.5.24
filelist
component
vulnerability
arbitrary file read
directory traversal
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with …/…/…/ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].
Related
nessus
nessus
cve
cve
CVE-2023-30451
2023-12-25 05:15:08
veracode
veracode
Path Traversal
2023-12-28 11:34:09
github
github
Path Traversal in TYPO3 File Abstraction Layer Storages
2024-02-13 19:08:10
osv
osv
TYPO3 Arbitrary File Read via Directory Traversal
2023-12-25 06:30:20
BIT-typo3-2023-30451
2024-03-06 11:08:11
Path Traversal in TYPO3 File Abstraction Layer Storages
2024-02-13 19:08:10
prion
prion
Directory traversal
2023-12-25 05:15:00
packetstorm
packetstorm
TYPO3 11.5.24 Path Traversal
2023-12-20 00:00:00
exploitdb
exploitdb
TYPO3 11.5.24 - Path Traversal (Authenticated)
2024-03-18 00:00:00
nvd
nvd
CVE-2023-30451
2023-12-25 05:15:08
zdt
zdt
TYPO3 11.5.24 Path Traversal Vulnerability
2023-12-20 00:00:00
freebsd
freebsd
typo3-{11,12} -- multiple vulnerabilities
2024-02-13 00:00:00