2 matches found
CVE-2013-4250
The 1 file upload component and 2 File Abstraction Layer FAL in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file...
CVE-2013-4250
The CVE-2013-4250 issue affects TYPO3 6.0.x (before 6.0.8) and 6.1.x (before 6.1.3) in both the file upload component and the File Abstraction Layer (FAL). The root cause is improper validation of file extensions, permitting remote authenticated editors to upload a PHP file and execute arbitrary ...