473 matches found
TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to SQL injections via XSRF. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.1.1 and all versions below Vulnerability Type: SQL injectio...
Cross-Site Scripting vulnerability in TYPO3 Core
It has been discovered that the backend module "file" is vulnerable to Cross-Site Scripting XSS. Component Type: TYPO3 Core Affected Version: TYPO3 version 4.2.2 Vulnerability Type: Cross Site Scripting Vulnerability: Backend module "file" is susceptible to Cross-Site Scripting. Severity: Low...
Multiple vulnerabilities in extension WEC Discussion Forum (wec_discussion)
It has been discovered that the extension WEC Discussion Forum wecdiscussion is open to multiple security issues. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.6.2 and all versions below Vulnerability Type:...
Multiple vulnerabilities in TYPO3 Core
It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library feadminlib.inc allows Cross Site Scripting XSS. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 3.x, 4.0 ...
Multiple vulnerabilities in extension ve_guestbook
It has been discovered that the extension veguestbook is vulnerable to SQL Injection attacks. Also, a Cross Site Scripting issue has been detected. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.9.3 and below...
TYPO3 Security Bulletin
A bug has been discovered in MOC filemanager v. 0.7.1 and earlier: An offender may gain illegal read access to files on the server. Component Type: Third Party Extension. This extension is third party code that has not been submitted to the TYPO3 extension review process yet. The extension is not...
Cross-Site Scripting Vulnerabilities in File Upload Handling
TYPO3 allows to upload files either in the backend user interface as well as in custom developed extensions. To reduce the possibility to upload potential malicious code TYPO3 uses the fileDenyPattern to deny e.g. user submitted PHP scripts from being persisted. Besides that it is possible for an...
Cross-Site Scripting in Filelist Module
It has been discovered that the output table listing in the “Files” backend module is vulnerable to cross-site scripting when a file extension contains malicious sequences...
Information Disclosure in extension "Direct Mail" (direct_mail)
A missing access check in the backend module of the extension allows a backend user without access to configured tables e.g. feusers, ttaddress to view and export data of users subscribed to a newsletter...
Security Misconfiguration in Frontend Session Handling
It has been discovered session data of properly authenticated and logged in frontend users is kept and transformed into an anonymous user session during the logout process. This way the next user using the same client application gains access to previous session data...
Cross-Site Scripting in Fluid ViewHelpers
Failing to properly encode user input, templates using built-in Fluid ViewHelpers are vulnerable to cross-site scripting...
Critical vulnerabilities in ImageMagick
Multiple vulnerabilities in ImageMagick have been discovered, Remote Code Execution being one of them. For image manipulation TYPO3 CMS makes use of either one of the third party tools GraphicsMagick or ImageMagick. Recently it has been discovered, that ImageMagick exposes multiple vulnerabilitie...
Information Disclosure in extension "UTOPIA" (ics_utopia)
It has been discovered that the extension "UTOPIA" icsutopia is susceptible to Information Disclosure. Release Date: March 03, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.0.1 and below Vulnerability Type:...
Cross-Site Scripting in link validator component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting Component Type: TYPO3 CMS Release Date: February 16, 2016 Vulnerable subcomponent: link validator Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.17 and 7.6.0 to 7.6.2 Severity: Low Suggest...
Cross-Site Scripting in TYPO3 component Indexed Search
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting Component Type: TYPO3 CMS Release Date: December 15, 2015 Vulnerable subcomponent: Indexed Search Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.15 Severity: Low Suggested CVSS v2.0:...
Arbitrary Code Execution in extension "MK Forms" (mkforms)
It has been discovered that the extension "MK Forms" mkforms is susceptible to Arbitrary Code Execution Release Date: September 30, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.0.23 and below Vulnerability...
Cross-Site Scripting in extension "404 Page not found handling" (pagenotfoundhandling)
It has been discovered that the extension "404 Page not found handling" pagenotfoundhandling is susceptible to Cross-Site Scripting Release Date: June 29, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.1.0 a...
SQL Injection vulnerability in extension Basic SEO Features (seo_basics)
It has been discovered that the extension "Basic SEO Features" seobasics is vulnerable to SQL Injection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 0.8.2 and below Vulnerability Type: SQL Injection Severity: Hi...
Cross-Site Scripting vulnerability in extension powermail for TYPO3 (powermail)
It has been discovered that the extension "powermail" powermail is vulnerable to Cross-Site Scripting Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.6.4 and below Vulnerability Types: Cross-Site Scripting Severit...
Information disclosure vulnerabilities in extension "Front End User Registration" (sr_feuser_register)
It has been discovered that the extension "Front End User Registration" srfeuserregister is vulnerable to information disclosure Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.6.1 and below Vulnerability Type:...
SQL Injection vulnerability in extension Faceted Search (ke_search)
It has been discovered that the extension Faceted Search kesearch is vulnerable to SQL Injection. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 0.3.0 and all versions below Vulnerability Type: SQL Injection...
SQL Injection vulnerabilities in extension "WEC Discussion Forum" (wec_discussion)
It has been discovered that the extension WEC Discussion Forum wecdiscussion is vulnerable to SQL Injection. Release Date: April 7, 2011 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.1.0 and all versions below...
Cross-Site Scripting vulnerability in extension "Media [DAM]" (dam)
It has been discovered that the extension Media DAM dam is vulnerable to Cross-Site Scripting. Release Date: January 26, 2011 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.1.7 and all versions below Vulnerabilit...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" cooluri, "Reset backend password" cwtresetbepassword, "datamints Newsticker" datamintsnewsticker, "Gobernalia Front End News Submitter" gbfenewssubmit, "Mailform" mailform, "Myth download" mythdownloa...
TYPO3 Security Bulletin
It has been discovered that the extension Virtual Civil Services civserv is vulnerable to SQL-injections. Release Date: June 16, 2009 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.3.2 and all versions below...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "FrontEnd MP3 Player" femp3player, "Search In Tables" fesearchintable, "Content Search" gstcontentsearch, "Multilingual Alias" multilingualalias, "Myth Repository" mythrepository and "References database"...
TYPO3 Security Bulletin
It has been discovered that the extension freeCap CAPTCHA srfreecap is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.0.3 and all versions below Vulnerability Type: Cross-Site...
Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found in the extension civserv: Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks. Component Type: Third party extension. This extension is not part of the TYPO3 default installation Affected...
Denial of Service in extension "Code Highlight" (codehighlight)
The extension bundles a vulnerable version of the 3rd party JavaScript component “prism” which is known to be vulnerable against Regular expression Denial of Service ReDoS...
Sensitive links in search results of TYPO3 extension indexed_search
On TYPO3 websites where the “Indexed Search” extension is used, sensitive links may get indexed. The problem occurs when a TYPO3 page contains a plugin that handles possible sensitive actions via HTTP GET parameters e.g. confirmation action for a newsletter subscription, or similar token-based...
Arbitrary Code Execution and Cross-Site Scripting in Backend API
Backend API configuration using Page TSconfig is vulnerable to arbitrary code execution and cross-site scripting. TSconfig fields of page properties in backend forms can be used to inject malicious sequences. Field tsconfigincludes is vulnerable to directory traversal leading to same scenarios as...
Cross-Site Scripting in Backend Modal Component
Failing to properly encode user input, notifications shown in modal windows in the TYPO3 backend are vulnerable to cross-site scripting. A valid backend user account is needed in order to exploit this vulnerability...
Information Disclosure in Install Tool
The Install Tool exposes the current TYPO3 version number to non-authenticated users...
Denial of Service in Frontend Record Registration
TYPO3’s built-in record registration functionality aka “basic shopping cart” using recs URL parameters is vulnerable to denial of service. Failing to properly ensure that anonymous user sessions are valid, attackers can use this vulnerability in order to create an arbitrary amount of individual...
Captcha bypass in extension "Front End User Registration" (sr_feuser_register)
When the extension is used together with the TYPO3 Extension srfreecap, it is possible to bypass the catcha in the registration form...
Privilege Escalation & SQL Injection in TYPO3 CMS
Failing to properly dissociate system related configuration from user generated configuration, the Form Framework system extension "form" is vulnerable to SQL injection and Privilege Escalation. Basically instructions can be persisted to a form definition file that were not configured to be...
SQL Injection in extension "http:BL Blocking" (mh_httpbl)
It has been discovered that the extension "http:BL Blocking" mhhttpbl is susceptible to SQL Injection. Release Date: September 30, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.1.7 and below Vulnerability...
Cross-Site Scripting exploitable by Editors
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting Component Type: TYPO3 CMS Release Date: July 1, 2015 Vulnerable subcomponent: Backend Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.13, 7.0.0 to 7.3.0 Severity: Low Suggested CVSS v2.0:...
SQL Injection vulnerability in extension FAQ - Frequently Asked Questions (js_faq)
It has been discovered that the extension "FAQ - Frequently Asked Questions" jsfaq is susceptible to SQL Injection Release Date: June 15, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 1.2.0 and below...
SQL Injection vulnerability in extension Multishop (multishop)
It has been discovered that the extension "Multishop" multishop is vulnerable to SQL-Injection. Release Date: June 03, 2013 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.0.38 and below Vulnerability Type: SQL...
Several Vulnerabilities in extension commerce (commerce)
It has been discovered that the extension commerce commerce is vulnerable to Cross Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 0.12.7 and below Vulnerability Types: Cross Site Scripting Severity:...
Improper error handling could lead to cache flooding in TYPO3 Core
It has been discovered that TYPO3 is susceptible to Cache Flooding Component Type: TYPO3 Core Affected Versions: 4.2.0 - 4.2.17, 4.3.0 - 4.3.13, 4.4.0 - 4.4.10 and 4.5.0 - 4.5.5 Release Date: September 14, 2011 Vulnerable subcomponent: Caching System Vulnerability Type: Improper error handling...
Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.3 and below Vulnerability Type: Multiple Cross-Site Scripti...
Multiple vulnerabilities in third-party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: Event event, Fe user statistic festat, JW Calendar jwcalendar, Questionnaire kequestionnaire, Branchenbuch Yellow Pages mhbranchenbuch, Webkit PDFs webkitpdf, xaJax Shoutbox vxxajaxshoutbox Release Date: August...
Vulnerability in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Remote Command Execution. Component Type: TYPO3 Core Affected Versions: 4.3.0, 4.3.1 and 4.3.2 + development releases of 4.4 branch Vulnerability Types: Remote Command Execution Overall Severity: Critical Release Date: April 9, 2010 Vulnerab...
Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: AN Search it! ansearchit, Simple download-system with counter and categories kkdownloader, Automatic Base Tags for RealUrl ltbasetag, Trips mchtrips, simple Glossar simpleglossar, TW Productfinder...
Blind SQL Injection vulnerability in extension T3M E-Mail Marketing Tool (t3m)
It has been discovered that the extension T3M E-Mail Marketing Tool t3m is vulnerable to Blind SQL Injection attacks. Release Date: August 18, 2009 Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 0.2.4 and below...
Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and Remote Command Execution. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 4.0.0 to 4.0.9, 4.1.0 to 4.1.7, 4.2.0 to 4.2.3 Vulnerability...
TYPO3 Security Bulletin
Several vulnerabilities have been found in the following third party TYPO3 extensions: JobControl dmmjobcontrol, Econda Plugin econda, Frontend Users View feusersview, Mannschaftsliste kiddogplayerlist, M1 Intern m1intern, Simple survey simplesurvey, Page Improvements smpageimprovements Please re...
TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Code Execution. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 3.2.0 and all versions below Vulnerability Type: Code execution...