473 matches found
Cross-Site Scripting in Backend Grid View
Failing to properly encode settings for backend layouts, the corresponding grid view is vulnerable to persistent cross-site scripting. A valid backend user account is needed to exploit this vulnerability...
Broken Access Control in extension "typo3_forum" (typo3_forum)
The ACL check of the extension is broken under certain conditions allowing anonymous users to create forum posts although this feature is disabled for anonymous users in the access control list...
Broken Access Control in Import Module
It has been discovered that the Import/Export module is susceptible to broken access control. Regular backend users have access to import functionality which usually only is available to admin users or users having User TSconfig setting options.impexp.enableImportForNonAdminUser explicitly enable...
SQL Injection in extension "Another simple gallery" (chgallery)
It has been discovered that the extension "Another simple gallery" chgallery is susceptible to SQL Injection. Release Date: March 10, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.5.3 and below Vulnerabilit...
Multiple Cross-Site Scripting vulnerabilities in frontend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting Component Type: TYPO3 CMS Release Date: December 15, 2015 Vulnerable subcomponent: Frontend Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.15, 7.0.0 to 7.6.0 Severity: Low Suggested CVSS...
Cross-site scripting vulnerability in extension Ameos Formidable (ameos_formidable)
It has been discovered that the extension "Ameos Formidable" ameosformidable is vulnerable to cross-site scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.1.373 and below Vulnerability Type: Cross-site...
Authentication Bypass and Blind LDAP Injection in extension eu_ldap
It has been discovered that the extension euladap is vulnerable to Authentication Bypass and Blind LDAP Injection Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.8.10 and all versions below Vulnerability Type:...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: mmhutinfo, npindexedsearchstat, rzcolorbox, t3cpodcasts, winninggame, tgmgallery, tgmvgallery, bpsshib, devnullrobots, dhcinflationcal, damfrontend, rtgfiles, mgrooms, gridelements Release Date: September 28,...
Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)
Several vulnerabilities have been found in the following third-party TYPO3 extension: rgsmoothgallery Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.5.1 and below Vulnerability Types: Cross-Site Scripting,...
A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)
A vulnerability has been found in the following third-party TYPO3 extension: ameosdragndropupload Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.0.2 and below Vulnerability Types: Arbitrary Code Execution Severit...
Vulnerabilitiy in extension Frontend User Registration (sr_feuser_register)
It has been discovered that the extension Frontend User Registration srfeuserregister is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extensions is not part of the TYPO3 default installation. Affected Versions: Version 2.5.24 and all versions below...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: MK-AnydropdownMenu mkanydropdownmenu, Photo Book gooffotoboek, SB Folderdownload sbfolderdownload, Developer log devlog, KJ: Imagelightbox kjimagelightbox2, Unit Converter cs2unitconv, powermail powermail, TV21...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Car car, TYPO3 Watchdog abawatchdog, File list drblob, ListMan nllistman, XDS Staff List xdsstaff, Document Directorys danpdocumentdirs, Random Prayer Version 2 steprayer2, Diocese of Portsmouth Resources...
Cross-Site Scripting vulnerability in extension Modern Guestbook / Commenting System (ve_guestbook)
It has been discovered that the extension Modern Guestbook / Commenting system veguestbook is vulnerable to Cross-Site Scripting. Release Date: June 16, 2009 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.7.1 and...
Cross Site Scripting vulnerability in extension "KJ: Image Lightbox v2" (kj_imagelightbox2)
It has been discovered that the extension "KJ: Image Lightbox v2" kjimagelightbox2 is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.4.2 and below, possibly also all...
Cross Site Scripting vulnerability in extension powermail
It has been discovered that the extension powermail is susceptible to Cross Site Scripting XSS attacks. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.1.9 and all versions below Vulnerability Type: Cross Site...
Multiple vulnerabilities in extension MailformPlus (th_mailformplus)
It has been discovered that the extension MailformPlus thmailformplus is susceptible to Cross Site Scripting XSS attacks and allows Remote Code Execution. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 4.0.3 and belo...
TYPO3 Security Bulletin
A Cross Site Scripting issue has been found in showpic.php. Component Type: Core Affected Components: showpic.php Versions: TYPO3 3.8.0 and earlier Vulnerability Type: Cross Site Scripting Severity: High Problem Description: A Cross Site Scripting issue has been found in showpic.php. Solution: Th...
TYPO3 Security Bulletin
A bug has been discovered in the "Front End News Submitter" fenews where SQL injection is not safely prevented and thus malicious SQL commands are potentially possible. Since the RTE enabled version fertenews is derived from fenews, it is affected as well. Component Type: Third Party Extension...
Sensitive Data Exposure in extension "Job Fair" (jobfair)
The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded files e.g uploads/txjobfair/cv.pdf...
Cross-Site Scripting in Form Framework validation handling
It has been discovered that the output of field validation errors in the Form Framework is vulnerable to cross-site scripting...
Cross Site Scripting in extension "File List" (file_list)
The extension fails to properly encode user input for output in HTML context...
SQL Injection in extension "URL redirect" (url_redirect)
The extension fails to properly sanitize user input and is susceptible to SQL Injection...
SQL Injection in extension "Event Calender" (pits_wd_calender)
The extension fails to properly sanitize user input and is susceptible to SQL Injection...
Cross Site Scripting in extension "gkh RSS Import" (gkh_rss_import)
The extension fails to properly encode user input for output in HTML context...
Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)
Multiple vulnerabilities have been found in the phpMyAdmin component...
Object Injection in extension "mkmailer" (mkmailer)
It was discovered that included 3rd party library PHPMailer is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code...
Cross-Site Scripting in Online Media Asset Rendering
Failing to properly encode user input, online media asset rendering .youtube and .vimeo files is vulnerable to cross-site scripting. A valid backend user account or write access on the server system e.g. SFTP is needed in order to exploit this vulnerability...
Security Misconfiguration in Install Tool Cookie
It has been discovered that cookies created in the Install Tool are not hardened to be submitted only via HTTP. In combination with other vulnerabilities such as cross-site scripting it can lead to hijacking an active and valid session in the Install Tool...
Cross-site scripting vulnerability in extension "Powermail" (powermail)
The extension uses \TYPO3\CMS\Core\Utility\GeneralUtility::removeXSS, which is known to be vulnerable to XSS...
Cross-Site Scripting in TYPO3 Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting. Component Type: TYPO3 CMS Release Date: April 12, 2016 Vulnerable subcomponent: Backend Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.19, 7.6.0 to 7.6.4 and 8.0.0 Severity: Medium...
File Disclosure in extension "Zend Framework Integration" (zend_framework)
It has been discovered that the extension "Zend Framework Integration" zendframework is susceptible to File Disclosure. Release Date: September 30, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.7.6 and belo...
Access bypass when editing file metadata
It has been discovered, that editors could change, create or delete metadata of files without permission. Component Type: TYPO3 CMS Release Date: July 1, 2015 Vulnerable subcomponent: Backend Vulnerability Type: Broken Access Control Affected Versions: Versions 6.2.0 to 6.2.13, 7.0.0 to 7.3.0...
Cross-Site Scripting in 3rd party library Flowplayer
It has been discovered, that editors could change, create or delete metadata of files without permission. Component Type: TYPO3 CMS Release Date: July 1, 2015 Vulnerable subcomponent: Backend Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.13, 7.0.0 to 7.3.0...
Arbitrary Code Execution in extension Frontend User Upload (feupload)
It has been discovered that the extension "Frontend User Upload" feupload is susceptible to Arbitrary Code Execution Release Date: June 15, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 0.5.0 and below...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: cssfilelinks, terminal, beuserswitch, rtgfiles, irfaq, skteurocalc, jftcaforms, bcpost2facebook, aeurltool, mvcooking, toicategory, ajadofacebook Release Date: February 2, 2012 Please read first: This Collectiv...
Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Local file inclusion. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.8 and below Vulnerability Type: Local file inclusion...
Remote File Disclosure and Cross-Site Scripting vulnerability in extensions pmkshadowbox and pmkslimbox
It has been discovered that the extensions pmkshadowbox and pmkslimbox are vulnerable to Remote File Disclosure and Cross-Site Scripting. Release Date: Oktober 20, 2011 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Extension: pmkshadowbox...
Several vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting, Local File Inclusion, Code Execution and Session Manipulation. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version...
Cross-Site Scripting and Open Redirection vulnerability in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting and Open Redirection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.10.3 and below Vulnerability Type:...
Blind SQL Injection vulnerability in extension Calendar Base (cal)
It has been discovered that the extension Calendar Base cal is vulnerable to Blind SQL Injection. Release Date: March 2, 2010 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.3.1 and all versions below Vulnerabilit...
Cross-Site Scripting vulnerability in TYPO3 Core
It has been discovered that the backend module "file" is vulnerable to Cross-Site Scripting XSS. Component Type: TYPO3 Core Affected Version: TYPO3 version 4.2.2 Vulnerability Type: Cross Site Scripting Vulnerability: Backend module "file" is susceptible to Cross-Site Scripting. Severity: Low...
Multiple vulnerabilities in TYPO3 Core
It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library feadminlib.inc allows Cross Site Scripting XSS. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 3.x, 4.0 ...
TYPO3 Security Bulletin
Situations are imaginable where sensitive information gets stored in the fileadmin/temp/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information. Component Type: Core Affected Components: File Editor in Install Tool Versions: TYPO3 3.8...
TYPO3 Security Bulletin
Various security issues have been reported for PhpMyAdmin see www.securityfocus.com/bid/15196 for details. Component Type: Third Party Product, included with the TYPO3 core Affected Components: PhpMyAdmin Versions: TYPO3 3.8.0 and earlier Vulnerability Type: Various see below Severity: Medium...
TYPO3 Security Bulletin
The file editor functionality in the TYPO3 Install Tool menu option "Edit files in typo3conf/" has an option that reads "Make backup copy". If set, this will create a backup copy and append a "" to the original file name. This leads to file names that may be delivered as text files by a web serve...
TYPO3 Security Bulletin
A bug has been discovered in MOC filemanager v. 0.7.1 and earlier: An offender may gain illegal read access to files on the server. Component Type: Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension is not...
Cross-Site Scripting Vulnerabilities in File Upload Handling
TYPO3 allows to upload files either in the backend user interface as well as in custom developed extensions. To reduce the possibility to upload potential malicious code TYPO3 uses the fileDenyPattern to deny e.g. user submitted PHP scripts from being persisted. Besides that it is possible for an...
Security Misconfiguration in Frontend Session Handling
It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data...
SQL Injection in extension "Faceted Search" (ke_search)
The extension fails to properly sanitize user input and is susceptible to SQL Injection...