3 matches found
CVE-2017-14251
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code...
CVE-2017-14251
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code...
CVE-2017-14251
TYPO3 Unrestricted File Upload vulnerability (CVE-2017-14251) affects TYPO3 7.6.0–7.6.21 and 8.0.0–8.7.4 due to the fileDenyPattern check in sysext/core/Classes/Core/SystemEnvironmentBuilder.php. Remote authenticated users can upload a .pht file and, as a result, execute arbitrary PHP code. The d...