3 matches found
CVE-2014-6290
The News ttnews extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified impact via vectors related to an "insecure unserialize" issue...
CVE-2014-6290
CVE-2014-6290 concerns the TYPO3 tt_news News extension, affected up to version 3.5.1. The security bulletin documents an insecure unserialize vulnerability in tt_news that enables remote attackers to cause unspecified impact. The root cause is improper sanitization of user input leading to unser...
Insecure Unserialize in extension News (tt_news)
It has been discovered that the extension "News" ttnews is susceptible to Insecure Unserialize. Release Date: February 12, 2014 Bulletin update: September 18, 2014 added CVE Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions:...