CVE-2008-2717

TYPO3 vulnerable versions: 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1. Root cause: an insufficiently restrictive default fileDenyPattern for Apache. Impact: remote attackers can bypass security restrictions and upload configuration files (e.g., .htaccess) or perform file uploa...