TYPO3 Security Bulletins

This is a list of security bulletins which were released by the TYPO3 Security Team. If you think you have found a security problem in TYPO3 or one of the extensions or have any questions regarding these security bulletins, please contact the security team directly.

  • TYPO3-20080924-2

    It has been discovered that the extension freeCap CAPTCHA (sr_freecap) is vulnerable to Cross-Site Scripting.

  • TYPO3-20080924-1

    It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

  • TYPO3-20080919-1

    Several vulnerabilities have been found in TYPO3 third party extensions.

  • TYPO3-20080916-1

    It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Code Execution.

  • TYPO3-20080701-4

    It has been discovered that the extension WEC Discussion Forum (wec_discussion) is open to multiple security issues.

  • TYPO3-20080701-3

    It has been discovered that the extension Send-A-Card (sr_sendcard) is open to multiple security issues.

  • TYPO3-20080701-2

    It has been discovered that the extension phpmyadmin is susceptible to Cross Site Scripting (XSS) attacks.

  • TYPO3-20080701-1

    Several vulnerabilities have been found in TYPO3 third party extensions.

  • TYPO3-20080619-1

    Several vulnerabilities have been found in TYPO3 third party extensions.

  • TYPO3-20080611-1

    It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).

  • TYPO3-20080527-2

    It has been discovered that the extension "Library for Frontend plugins" (sg_zfelib) is susceptible to SQL Injections.

  • TYPO3-20080527-1

    It has been discovered that the extension "KJ: Image Lightbox v2" (kj_imagelightbox2) is susceptible to Cross Site Scripting (XSS) attacks.

  • TYPO3-20080515-2

    It has been discovered that the extension Frontend Filemanager (air_filemanager) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.

  • TYPO3-20080515-1

    It has been discovered that the extension Frontend User Registration (sr_feuser_register) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Command Execution.

  • TYPO3-20080513-4

    It has been discovered that the extension Statistics (ke_stats) is vulnerable to Blind SQL Injection attacks. Also, a Cross Site Scripting issue has been found.

  • TYPO3-20080513-3

    It has been discovered that the extension Event Database (rlmp_eventdb) is susceptible to Cross Site Scripting (XSS) attacks.

  • TYPO3-20080513-2

    It has been discovered that the extension Questionaire (pbsurvey) is susceptible to Cross Site Scripting (XSS) attacks.

  • TYPO3-20080513-1

    It has been discovered that the extension wt_gallery is susceptible to Path Traversal and Cross Site Scripting (XSS) attacks. Besides that, it may disclose sensitive information.

  • TYPO3-20080505-2

    It has been discovered that the extension powermail is susceptible to Cross Site Scripting (XSS) attacks.

  • TYPO3-20080505-1

    It has been discovered that the extension MailformPlus (th_mailformplus) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Code Execution.

  • TYPO3-20080416-2

    It has been discovered that the extensions pmk_rssnewsexport and cm_rdfexport are vulnerable to SQL Injection attacks.

  • TYPO3-20080416-1

    It has been discovered that the extension de_phpot is vulnerable to multiple SQL Injection flaws and other types of security issues.

  • TYPO3-20071210-1

    It has been discovered that the system extension indexed_search is vulnerable to a SQL Injection flaw.

  • TYPO3-20070919-1

    It has been discovered that the extension mm_forum is vulnerable to multiple SQL Injection attacks and multiple XSS flaws alongside other vulnerabilities.

  • TYPO3-20070801-1

    It has been discovered that the extension ve_guestbook is vulnerable to SQL Injection attacks. Also, a Cross Site Scripting issue has been detected.

  • TYPO3-20070719-1

    Multiple TYPO3 extensions are affected by the third party tool PHPMailer, which is vulnerable to remote shell command execution.

  • TYPO3-20070716-2

    An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo() information in special cases. The standalone version of phpmyadmin is not affected.

  • TYPO3-20070716-1

    It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.

  • TYPO3-20070712-1

    Multiple vulnerabilities have been found in the extension civserv: incorrect handling of input from GET/POST variables allows an attacker to execute XSS and/or SQL Injection attacks.

  • TYPO3-20070710-1

    It has been discovered that the extension fechangepassword is open to SQL injection when updating the password.

  • TYPO3-20070709-1

    It has been discovered that the extension ftpbrowser performs incorrect authentication in some files, making it open to exploitation.

  • TYPO3-20070703-1

    Multiple vulnerabilities have been found in the third party extension "mysqldumper": full read/write access to the connected database and other related issues.

  • TYPO3-20070612-1

    It has been discovered that the extension w4x_backup has several security related issues, which may disclose confidential information.

  • TYPO3-20070608-1

    It has been discovered that the extension macina_banners and its descendant ric_rotation are exposed to a SQL injection issue because they fail to properly sanitize user-supplied input.

  • TYPO3-20070221-1

    A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.

  • TYPO3-20070124-1

    A header injection problem has been found in the extension tipafriend.

  • TYPO3-20061220-1

    A critical problem has been discovered in plugin class.tx_rtehtmlarea_pi1.php that is used for spell-checking in the rtehtmlarea extension.

  • TYPO3-20061205-1

    A problem has been discovered with thumbs.php providing access to unwanted files.

  • TYPO3-20061010-1

    A problem has been discovered with fe_adminLib.inc being vulnerable to Cross Site Scripting (XSS).

  • TYPO3-20060911-1

    A problem has been discovered with indexed search being vulnerable to Cross-Site-Scripting (XSS).

  • TYPO3-20060902-1

    A problem has been discovered with tip-a-friend being vulnerable to Cross-Site-Scripting (XSS).

  • TYPO3-20060512-1

    Two problems (path traversal and SQL injection) have been discovered in the extension dam_downloads.

  • TYPO3-20060501-1

    A weakness in the display of forum messages of chc_forum has been discovered that may be used to execute arbitrary SQL.

  • TYPO3-20051114-7

    Situations are imaginable where sensitive information gets stored in the fileadmin/_temp_/ directory. If misconfigured in your web server, this directory can be browsable and therefore expose that information.

  • TYPO3-20051114-6

    Under special circumstances, setting config.baseURL (see typo3.org/documentation/document-library/doc_core_tsref/quot_CONFIG_quot/) to a numeric value ("1") could be used to spoof a malicious baseURL into your TYPO3 cache. It has now been decided to technically prevent this misconfiguration.

  • TYPO3-20051114-5

    For convenience, the TYPO3 Install Tool provides a button that sets the "encryptionKey" to a random value. It has been observed that only parts of the generated value are actually random. The overall key is therefore unique and, as of today, considered sufficiently secure. However, the effective key length is not the intended one.

  • TYPO3-20051114-4

    In the past, a "Shift Reload" from the browser (AKA a GET request with the "no-cache" pragma set) cleared the TYPO3 cache of the requested page. This may be considered a potential target for Denial of Service attacks.

  • TYPO3-20051114-3

    Various security issues have been reported for PhpMyAdmin (see www.securityfocus.com/bid/15196 for details).

  • TYPO3-20051114-2

    A Cross Site Scripting issue has been found in showpic.php.

  • TYPO3-20051114-1

    The file editor functionality in the TYPO3 Install Tool (menu option "Edit files in typo3conf/") has an option that reads "Make backup copy". If set, this will create a backup copy and append a "~" to the original file name. This leads to file names that may be delivered as text files by a web server. Thus, sensitive information (e.g. the content of localconf.php) may be disclosed.

  • TYPO3-20051107-2

    A weakness in the form validation of th_mailformplus has been discovered that may be abused to inject additional recipients in mail forms.

  • TYPO3-20051107-1

    A bug has been discovered in the "CHC Forum" (chc_forum) extension where some JavaScript expressions are not properly caught when entered in forms. Thus, specially crafted entries may be used to inject malicious code.

  • TYPO3-20051010-1

    A bug has been discovered in the "Front End News Submitter" (fe_news) where SQL injection is not safely prevented and thus malicious SQL commands are potentially possible. Since the RTE enabled version (fe_rtenews) is derived from fe_news, it is affected as well.

  • TYPO3-20050822-1

    A bug has been discovered in MOC filemanager (v. 0.7.1 and earlier): An offender may gain illegal read access to files on the server.

  • TYPO3-20050812-1

    Remote exploitation of an input validation vulnerability in AWStats allows remote attackers to execute arbitrary commands. Successful exploitation results in the execution of arbitrary commands with permissions of the web service. This may compromise systems using extensions providing AWStats.

  • TYPO3-20050725-1

    A debug script exposes system information provided by phpinfo(). By default, the script can be executed by a remote user.

  • TYPO3-20050307-1

    Unless the default encryption key settings have been changed by the administrator, the TYPO3 mailform can be compromised to send mail to a wrong recipient. Thus, spam mails may be sent from a remote site.

  • TYPO3-20050304-1

    An issue has been reported where a bug in the "cmw_linklist" extension allows SQL injection attacks. In specific situations, a remote offender can cause malicious database operations.