473 matches found
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: Photogallery cegallery, SEO Photogallery by Evorion evgallery Release Date: June 14, 2011 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant...
TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.1.0 and all versions below Vulnerability Type: Cross-Site...
Multiple vulnerabilities in extension Send-A-Card (sr_sendcard)
It has been discovered that the extension Send-A-Card srsendcard is open to multiple security issues. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.2.2 and all versions below Vulnerability Type: Insufficient...
thumbs.php
A problem has been discovered with thumbs.php providing access to unwanted files Component Type: TYPO3 Core Affected Versions: ALL Vulnerability Type: Image Access Severity: minor Problem Description: TYPO3 uses a script t3lib/thumbs.php to display thumbnails of images and/or PDF documents. It ha...
Information Disclosure in Backend User Interface
The element information component used to display properties of a certain record is susceptible to information disclosure. The list of references from or to the record is not properly checked for the backend user’s permissions. A valid backend user account is needed in order to exploit this...
Information Disclosure in Page Tree
It has been discovered backend users not having read access to specific pages still could see them in the page tree which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...
Cross-Site Scripting in Form Framework
Failing to properly encode user input, frontend forms handled by the form framework system extension “form” are vulnerable to cross-site scripting...
Information Disclosure possibility exploitable by Editors
It has been discovered, that editors could list all files and folders in the root directory of a TYPO3 installation. Component Type: TYPO3 CMS Release Date: July 1, 2015 Vulnerable subcomponent: Backend Vulnerability Type: Information Disclosure Affected Versions: Versions 6.2.0 to 6.2.13, 7.0.0 ...
Improper Access Control in WebDav for filemounts (webdav)
It has been discovered that the extension "WebDav for filemounts" webdav is susceptible to Improper Access Control. Release Date: November 27, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: 2.0.0 Vulnerability Type:...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: fed, myquizpoll, push2rss3ds, slideshare, wecdiscussion Release Date: February 19, 2013 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant...
Cross-Site Scripting vulnerability in extension Static Info Tables (static_info_tables)
It has been discovered that the extension "Static Info Tables" staticinfotables is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.3.0 and below Vulnerability Type: Cross-Site...
Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)
It has been discovered that the extension "powermail" powermail is vulnerable to cross-site scripting. Release Date: May 30, 2012 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.6.6 and below Vulnerability Type:...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: tkcropthumbs, t3extplorer, tcbeuser, anpredigten, solr, pdfcontroller, cc20, jwplayer Release Date: February 23, 2012 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensio...
Several Vulnerabilities in extension MailformPlus (th_mailformplus)
Several vulnerabilities have been found in the following third-party TYPO3 extension: thmailformplus Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.0.15 and below Vulnerability Types: Cross-Site Scripting Severit...
Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting XSS, Information Disclosure, Authentication Delay Bypass, Unserialize vulnerability, Missing Access Control. Component Type: TYPO3 Core Affected Versions: 4.3.11 and below, 4.4.8 and below, 4.5.3 and below Vulnerability...
Vulnerabilities in extensions in pmk_rssnewsexport and scm_rdfexport
It has been discovered that the extensions pmkrssnewsexport and cmrdfexport are vulnerable to SQL Injection attacks. Component Type: Third party extensions. These extensions are not part of the TYPO3 default installation. Affected Versions: pmkrssnewsexport: All versions, cmrdfexport: All version...
SQL Injection in system extension indexed_search
It has been discovered that the system extension indexedsearch is vulnerable to a SQL Injection flaw. Component Type: System extension, part of the TYPO3 default installation. Affected Versions: TYPO3 versions 3.x, 4.0 to 4.0.7, 4.1 to 4.1.3. Vulnerability Type: SQL Injection. Severity: Low...
th_mailformplus
A weakness in the form validation of thmailformplus has been discovered that may be abused to inject additional recipients in mail forms. Component Type: Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension ...
Possible Insecure Deserialization in Extbase Request Handling
It has been discovered that request handling in Extbase can be vulnerable to insecure deserialization. User submitted payload has to be signed with a corresponding HMAC-SHA1 using the sensitive TYPO3 encryptionKey as secret - invalid or unsigned payload is not deserialized...
Remote Code Execution in extension "freeCap CAPTCHA" (sr_freecap)
The extension fails to sanitize user input which allows to execute arbitrary Extbase actions resulting in Remote Code Execution...
Information Disclosure in extension "LDAP" (eu_ldap)
It has been discovered that the extension "LDAP" euldap is susceptible to Information Disclosure. Release Date: September 30, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.8.18 and below Vulnerability Type:...
SQL Injection vulnerability in extension wt_directory (wt_directory)
It has been discovered that the extension "wtdirectory" wtdirectory is susceptible to SQL Injection Release Date: June 15, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.4.1 and below Vulnerability Type: SQL...
Cross-Site Request Forgery Protection in TYPO3 CMS 6.2
TYPO3 CMS 6.2 will get CSRF Protection throughout all modules and parts that manipulate data. Component Type: TYPO3 CMS Vulnerability Types: Cross-Site Request Forgery CSRF Overall Severity: Low Release Date: January 31, 2014 Affected Versions: All versions below 6.2 CVE: Will be requested. Probl...
Several Vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code Execution Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.18, 4.6.0 up to 4.6.11, 4.7.0 up to 4.7.3 and development releases of the 6....
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: MM DAM - FEFileList mmdamfilelist, Events julleevents, WEC Staff Directory wecstaffdirectory, TGM news tgmnews, TGM media tgmmedia, TGM calendar module tgmcal, DAM Lightbox damlightbox, Download system...
Multiple SQL Injection vulnerabilities in extension "Website Photo Gallery" (jm_gallery)
It has been discovered that the extension Website Photo Gallery jmgallery is vulnerable to SQL injection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 0.9.1 and below Vulnerability Type: SQL Injection Severity:...
TYPO3 Security Bulletin
Several vulnerabilities have been found in the following third party TYPO3 extensions: Apache Solr Search solr, Random Images maagrandomimage, Flagbit Filebase fbfilebase, freeCap CAPTCHA srfreecap Release Date: Oktober 20, 2009 Please read first: This Collective Security Bulletin CSB is a listin...
Multiple vulnerabilities in TYPO3 third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" a21glossary, "Calendar Base" cal, "Flat Manager" flatmgr Release Date: March 05, 2009 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with...
Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 3.3.x, 3.5.x, 3.6.x, 3.7.x, 3.8.x, 4.0 to 4.0.11, 4.1.0 to 4.1.9, 4.2.0 to 4.2.5, 4.3alpha1 Vulnerability Types: Information...
Cross-Site Scripting vulnerability in TYPO3 Core
It has been discovered that the frontend plugin of system extension "felogin" is vulnerable to Cross-Site Scripting XSS. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 4.2.0, 4.2.1 and 4.2.2 Vulnerability Type: Cross Site Scripting Vulnerability: The frontend plugin of system...
SQL Injection in extension "Library for Frontend plugins" (sg_zfelib)
It has been discovered that the extension "Library for Frontend plugins" sgzfelib is susceptible to SQL Injections. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.1.512 and below Vulnerability Type: SQL Injection...
TYPO3 Security Bulletin
In the past, a "Shift Reload" from the browser AKA a GET request with the "no-cache" pragma set cleared the TYPO3 cache of the requested page. This may be considered a potential target for Denial of Service attacks. Component Type: Core Affected Components: TYPO3 Page Cache Versions: TYPO3 3.8.0...
Remote Code Execution in extension "Turn!" (turn)
The extensions fails to sanitize user input resulting in Remote Code Execution. The issue is only exploitable, when the attacker has FTP/SFTP access to the TYPO3 website...
Remote Code Execution in extension "PHPUnit" (phpunit)
A PHP script located in “src/Util/PHP/eval-stdin.php” can be used to execute arbitrary PHP code in context of the webserver. The vulnerability is only exploitable if the vendor/ directory is publicly accessible...
Arbitrary file Upload in extension "Yet Another Gallery" (yag)
The extension contains the 3rd party component “Uploadify”, which includes a demo script for uploading files with the file extensions “jpg”, “jpeg”, “gif” and “png” to the server. Also, a demo script is present, which allows to check for the existence of a given filename...
Arbitrary Code Execution via File List Module
Due to missing file extensions in $GLOBALS'TYPO3CONFVARS''BE'‘fileDenyPattern’, backend users are allowed to upload .phar, .shtml, .pl or .cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability...
Cross-Site Scripting in Language Pack Handling
Failing to properly encode information from external sources, language pack handling in the install tool is vulnerable to cross-site scripting...
Broken Access Control in Localization Handling
It has been discovered that backend users having limited access to specific languages are capable of modifying and creating pages in the default language which actually should be disallowed. A valid backend user account is needed in order to exploit this vulnerability...
Authentication Bypass in TYPO3 CMS
It has been discovered, that TYPO3 CMS is vulnerable to Authentication Bypass. Component Type: TYPO3 CMS Release Date: April 12, 2016 Vulnerable subcomponent: Authentication Vulnerability Type: Authentication Bypass Affected Versions: Versions 6.2.0 to 6.2.19, 7.6.0 to 7.6.4 and 8.0.0 Severity:...
Arbitrary File Disclosure in Form Component
It has been discovered, that TYPO3 Form Component is susceptible to Arbitrary File Disclosure. Component Type: TYPO3 CMS Release Date: April 12, 2016 Vulnerable subcomponent: Form Vulnerability Type: Arbitrary File Disclosure Affected Versions: Versions 6.2.0 to 6.2.19 Severity: High Suggested CV...
Cross-Site Scripting in extension "Google Sitemap" (enter_new_weeaar_googlesitemap)
It has been discovered that the extension "Google Sitemap" enternewweeaargooglesitemap is susceptible to Cross-Site Scripting. Release Date: March 03, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.0.0 and...
Frontend login Session Fixation
It has been discovered that TYPO3 is susceptible to session fixation. Component Type: TYPO3 CMS Release Date: July 1, 2015 Vulnerable subcomponent: Frontend Logon Vulnerability Type: Session Fixation Affected Versions: Versions 6.2.0 to 6.2.13, 7.0.0 to 7.3.0 Severity: Low Suggested CVSS v2.0:...
Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting and Full Path Disclosure. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.5 and below Vulnerability Type:...
TYPO3 Security Bulletin
It has been discovered that the extension powermail powermail is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.5.4 and below Vulnerability Type: Cross-Site Scripting Severity:...
Vulnerabilitiy in extension Tip-A-Friend (tipafriend)
It has been discovered that the extension Tip-A-Friend tipafriend is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extensions is not part of the TYPO3 default installation. Affected Versions: 1.2.3 Vulnerability Type: Cross Site Scripting Severity:...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Event Manager eventmanagement, Game Article DB gamearticledb, Simple career mlcareer, Surprise Calendar mlsurprisecalendar, Search Api Ajax Google searchajaxgoogle, Download Manager sprdownloadmanager Release...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Car car, TYPO3 Watchdog abawatchdog, File list drblob, ListMan nllistman, XDS Staff List xdsstaff, Document Directorys danpdocumentdirs, Random Prayer Version 2 steprayer2, Diocese of Portsmouth Resources...
Cross-Site Scripting vulnerability in extension Modern Guestbook / Commenting System (ve_guestbook)
It has been discovered that the extension Modern Guestbook / Commenting system veguestbook is vulnerable to Cross-Site Scripting. Release Date: June 16, 2009 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.7.1 and...
Cross Site Scripting vulnerability in extension phpmyadmin
It has been discovered that the extension phpmyadmin is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 3.0.1 and all versions below Vulnerability Type: Cross Site...
Cross Site Scripting vulnerability in extension Event Database (rlmp_eventdb)
It has been discovered that the extension Event Database rlmpeventdb is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.1.1 and below Vulnerability Type: Cross Site...