44 matches found
EUVD-2026-35396
TYPO3 CMS has Broken Access Control in the Recycler Module...
GHSA-F34X-RX2W-7PM3 TYPO3 CMS has Broken Access Control in the Recycler Module
Problem Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. Solution Update to TYPO3 versions 10.4.57 ELTS, 11.5.51 ELTS, 12.4.46 ELTS, 13.4.31 LTS, 14.3.3 LTS that fix the problem described. Credits...
TYPO3 CMS has Broken Access Control in the Recycler Module
Problem Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. Solution Update to TYPO3 versions 10.4.57 ELTS, 11.5.51 ELTS, 12.4.46 ELTS, 13.4.31 LTS, 14.3.3 LTS that fix the problem described. Credits...
CVE-2026-47349
Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...
CVE-2026-47349
Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...
CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler
Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...
CVE-2026-47349 TYPO3 CMS - Broken Access Control in Recycler
Backend users with access to the Recycler module were able to restore soft-deleted records on pages or for tables they were not authorized to modify. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3...
CVE-2026-47349
CVE-2026-47349 affects TYPO3 CMS where backend users with access to the Recycler module could restore soft-deleted records on pages or tables they are not authorized to modify. Affected versions: 10.4.57 and earlier in 10.x; 11.0.0–11.5.51; 12.0.0–12.4.46; 13.0.0–13.4.31; 14.0.0–14.3.3. Root caus...
TYPO3-CORE-SA-2026-011: Broken Access Control in Recycler
More info at https://typo3.org/security/advisory/typo3-core-sa-2026-011...
PT-2026-47742
Name of the Vulnerable Software and Affected Versions TYPO3 CMS versions prior to 10.4.57 TYPO3 CMS versions 11.0.0 through 11.5.51 TYPO3 CMS versions 12.0.0 through 12.4.46 TYPO3 CMS versions 13.0.0 through 13.4.31 TYPO3 CMS versions 14.0.0 through 14.3.3 Description Backend users with access to...
TYPO3 CMS 安全漏洞
TYPO3 CMS is a content management system developed under the TYPO3 open source framework. There is a security vulnerability in TYPO3 CMS, which allows backend users with access to the Recycler module to restore unauthorized pages or soft-deleted records on tables. The following versions are...
CVE-2026-23648 Glory RBG-100 Recycler System Local Privilege Escalation via Insecure File Permissions
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify the...
CVE-2026-23648 Glory RBG-100 Recycler System Local Privilege Escalation via Insecure File Permissions
Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify the...
CVE-2026-23648
Glory RBG-100 recycler systems running ISPK-08 are affected by overly permissive file permissions in multiple system binaries, where binaries executed by root are writable and executable by unprivileged local users. An attacker with local access could replace or modify these binaries to run arbit...
CVE-2026-23647 Glory RBG-100 Recycler System Hard-coded OS Credentials
Glory RBG-100 recycler systems using the ISPK-08 software component contain hard-coded operating system credentials that allow remote authentication to the underlying Linux system. Multiple local user accounts, including accounts with administrative privileges, were found to have fixed, embedded...
GLORY RBG-100 安全漏洞
GLORY RBG-100 is a cash recycling machine from the British company GLORY. The Glory RBG-100 recycling system has a security vulnerability. This vulnerability stems from the ISPK-08 software component, which contains system binary files with excessive permissions, potentially leading to local...
PT-2026-20312
Name of the Vulnerable Software and Affected Versions Glory RBG-100 recycler systems versions using the ISPK-08 software component affected versions not specified Description The Glory RBG-100 recycler systems, utilizing the ISPK-08 software component, have system binaries with excessively open...
PT-2026-20311
Name of the Vulnerable Software and Affected Versions Glory RBG-100 recycler systems using the ISPK-08 software component affected versions not specified Description The Glory RBG-100 recycler systems, utilizing the ISPK-08 software component, are susceptible to unauthorized access due to...
GLORY RBG-100 安全漏洞
GLORY RBG-100 is a cash recycling machine from the British company GLORY. There is a security vulnerability in GLORY RBG-100; this vulnerability stems from the ISPK-08 software component containing hard-coded operating system credentials, which may allow unauthorized remote access and complete...
Vulnerabilities fixed in TYPO3 CMS
TYPO3 has fixed vulnerabilities in TYPO3 CMS Specific to certain versions. The vulnerabilities in TYPO3 CMS allow attackers to bypass field-level access controls, insert unauthorized data into restricted database fields, and manipulate redirect records without any restrictions. In addition,...