4 matches found
CVE-2011-4614
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACKPATH parameter...
CVE-2011-4614
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACKPATH parameter...
CVE-2011-4614
creationtimestamp| type| source ---|---|--- 2012-01-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18308...
FreeBSD : typo3 -- Remote Code Execution (3c957a3e-2978-11e1-89b4-001ec9578670)
The typo3 security team reports : A crafted request to a vulnerable TYPO3 installation will allow an attacker to load PHP code from an external source and to execute it on the TYPO3 installation. This is caused by a PHP file, which is part of the workspaces system extension, that does not validat...