• Support
    • Finding Help
    • Professional Services
    • Mailing Lists
    • IRC Chat
    • Security Bulletins
      • TYPO3 Flow
      • TYPO3 Core
      • TYPO3 Extensions

Platinum sponsors

AOE media
dkd Internet Service
Mittwald
FTI Touristik
Flagbit GmbH & Co. KG
typovision GmbH
pluswerk GmbH
netzrezepte Technologies Pvt. Ltd.
 
  • typo3.org
  • Support
  • TYPO3 Security Bulletin

TYPO3-EXT-SA-2012-011: Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)

Authors: Marcus Krause, Category: TYPO3 Extension August 08, 2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to Cross-Site Scripting, SQL Injection and Arbitrary Code Execution.

Details

TYPO3-CORE-SA-2012-003: Cross-Site Scripting Vulnerability in TYPO3 Core

Authors: Marcus Krause, Category: TYPO3 Core July 04, 2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting.

Details

TYPO3-EXT-SA-2012-010: Cross-site scripting vulnerability in extension Seminars (seminars)

Authors: Oliver Klee, Category: TYPO3 Extension July 03, 2012

It has been discovered that the extension "Seminars" (seminars) is vulnerable to cross-site scripting.

Details

TYPO3-EXT-SA-2012-009: Cross-site scripting vulnerability in extension powermail for TYPO3 (powermail)

Authors: Georg Ringer, Category: TYPO3 Extension June 07, 2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to cross-site scripting.

Details

TYPO3-EXT-SA-2012-008: Cross-site scripting vulnerability in extension Ameos Formidable (ameos_formidable)

Authors: Oliver Klee, Category: TYPO3 Extension June 07, 2012

It has been discovered that the extension "Ameos Formidable" (ameos_formidable) is vulnerable to cross-site scripting.

Details

TYPO3-EXT-SA-2012-007: SQL Injection vulnerability in extension Basic SEO Features (seo_basics)

Authors: Markus Bucher, Category: TYPO3 Extension June 07, 2012

It has been discovered that the extension "Basic SEO Features" (seo_basics) is vulnerable to SQL Injection.

Details

TYPO3-CORE-SA-2012-002: Cross-Site Scripting Vulnerability in TYPO3 Core

Authors: Helmut Hummel, Category: TYPO3 Core April 17, 2012

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting.

Details

TYPO3-EXT-SA-2012-006: Cross-Site Scripting vulnerability in extension Basic SEO Features (seo_basics)

Authors: Markus Bucher, Category: TYPO3 Extension March 28, 2012

It has been discovered that the extension "Basic SEO Features" (seo_basics) is vulnerable to Cross-Site Scripting

Details

TYPO3-EXT-SA-2012-005: Several vulnerabilities in third party extensions

Authors: Marcus Krause, Category: TYPO3 Extension March 28, 2012

Several vulnerabilities have been found in the following third-party TYPO3 extensions: fe_whois, cag_tables, additional_reports, general_data_display, realty, dkd_feuser_belogin, tc_fbconnect, dix_easylogin, ajado_facebook, facebook2t3, sociallogin2t3, kb_eventboard, news

Details

TYPO3-EXT-SA-2012-004: Cross-Site Scripting vulnerability in extension powermail for TYPO3 (powermail)

Authors: Markus Bucher, Category: TYPO3 Extension March 28, 2012

It has been discovered that the extension "powermail" (powermail) is vulnerable to Cross-Site Scripting

Details
  • <<First
  • <Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • …
  • Next>
  • Last>>
TYPO3
  • Go to: typo3.org
    • Buzz (TYPO3 Blogs)
    • Certification
    • TYPO3 Flow
    • Forge (Dev Platform)
    • Mailing lists
    • TYPO3 Association
    • TYPO3 Wiki
  • Loading
     
  • Home
  • About

    About

    • TYPO3 - The CMS
    • Licenses
    • TYPO3 Association
    • The Backend
    • Case Studies
    • Features

    Roadmap

    • Berlin Manifesto

    News

    • Association
    • Community
    • Development
    • Documentation
    • Security Bulletins

    The Brand

    • The TYPO3 Family
    • Brand Book
    • Style Guide

    The Trademarks

  • Community

    Community

    • Code of Conduct
    • Leadership Code of Conduct
    • Community Manager Corner
    • TYPO3 User Groups
    • Technology Supporters
    • Wallpapers
    • Merchandise

    Videos

    Events

    • Official Events
    • Community Events
    • Code Sprints
    • Archive
    • Add new Event
  • Contribute

    Contribute

    • Association Membership
    • Donate
    • Participate
    • Teams

    Projects

    • typo3.org
    • BLE
    • Google Summer of Code
  • Extensions

    Extension Repository

    • FAQ
    • What are extensions?
    • Translators
  • Support

    Support

    • Finding Help
    • Professional Services
    • Mailing Lists
    • IRC Chat
    • Security Bulletins
  • Documentation

    Documentation

    • Document Library
    • Tutorial videos
    • Wiki
    • Articles
    • Snippets
    • API
  • Download

    Release Notes

    • TYPO3 6.1 Release Notes
    • TYPO3 6.0 Release Notes
    • TYPO3 4.7 Release Notes
    • TYPO3 4.6 Release Notes
    • TYPO3 4.5 Release Notes
    • TYPO3 4.4 Release Notes
    • TYPO3 4.3 Release Notes
    • Past Changelogs

    Getting Started

    Core Documentation

    TypoScript Reference

  • Demo

© 2005-2013 TYPO3 Association. All rights reserved.

  • Contact
  • Donate
  • TYPO3 Association
  • Downloads
  • Videos
  • Flow
  • News
  • Press
  • Events
  • Sitemap
  • Legal Info
  • Licenses

Hosting Sponsors: