CVE-2010-3663
TYPO3 versions prior to 4.1.14, 4.2.x prior to 4.2.13, 4.3.x prior to 4.3.4, and 4.4.x prior to 4.4.1 contain an insecure default value for fileDenyPattern that could allow remote attackers to execute arbitrary code on the backend. remediation is to upgrade to the fixed versions: 4.1.14, 4.2.13, ...