6 matches found
Mass Assignment in extension Direct Mail Subscription (direct_mail_subscription)
It has been discovered that the extension "Direct Mail Subscription" directmailsubscription is susceptible to Mass Assignment. Release Date: February 12, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.0.0 an...
[SECURITY] [DSA 2834-1] typo3-src security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2834-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 01, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2834-1] typo3-src security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2834-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 01, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2834-1] typo3-src security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2834-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 01, 2014 http://www.debian.org/security/faq -...
CVE-2013-7075
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an...
CVE-2013-7075
CVE-2013-7075 affects TYPO3 core via the Content Editing Wizards component. The vulnerability allows remote authenticated backend users to unserialize arbitrary PHP objects and delete arbitrary files through an unspecified parameter, related to a missing signature. Connected advisories confirm mu...