TYPO3 Extensions

TYPO3-EXT-SA-2013-005: Several vulnerabilities in third party extensions

Authors: Franz G. Jahn, Category: TYPO3 Extension February 19, 2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: fed, myquizpoll, push2rss_3ds, slideshare, wec_discussion

Details

TYPO3-EXT-SA-2013-004: Cross-Site Scripting vulnerability in extension Static Info Tables (static_info_tables)

Authors: Franz G. Jahn, Category: TYPO3 Extension February 19, 2013

It has been discovered that the extension "Static Info Tables" (static_info_tables) is vulnerable to Cross-Site Scripting.

Details

TYPO3-EXT-SA-2013-003: SQL Injection vulnerability in extension CoolURI (cooluri)

Authors: Franz G. Jahn, Category: TYPO3 Extension February 19, 2013

It has been discovered that the extension "CoolURI" (cooluri) is vulnerable to SQL Injection.

Details

TYPO3-EXT-SA-2013-002: Several vulnerabilities in third party extensions

Authors: Franz G. Jahn, Category: TYPO3 Extension January 28, 2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: attacalendar, attacpetition, eu_subscribe, exinit_job_offer, fefilebrowser, js_css_optimizer, kk_csv2table, lonewsseo, mn_mysql2json, news_search, tipafriend_plus, twitter_auth, sofortueberweisung2commerce, ...

Details

TYPO3-EXT-SA-2013-001: Several vulnerabilities in third party extensions

Authors: Georg Ringer, Category: TYPO3 Extension January 11, 2013

Several vulnerabilities have been found in the following third-party TYPO3 extensions: news, onetimeaccount, phpunit, div2007, t3mootools, t3jquery, oneclicklogin

Details

TYPO3-EXT-SA-2012-013: Several Vulnerabilities in extension commerce (commerce)

Authors: Markus Bucher, Category: TYPO3 Extension December 21, 2012

It has been discovered that the extension commerce (commerce) is vulnerable to Cross Site Scripting.

Details

TYPO3-EXT-SA-2012-012: Several Vulnerabilities in extension Formhandler (formhandler)

Authors: Georg Ringer, Category: TYPO3 Extension October 25, 2012

It has been discovered that the extension Formhandler (formhandler) is vulnerable to SQL-Injection and Cross-Site Scripting.

Details

Platinum sponsors

TYPO3 Security Bulletins

TYPO3-EXT-SA-2013-005: Several vulnerabilities in third party extensions

TYPO3-EXT-SA-2013-004: Cross-Site Scripting vulnerability in extension Static Info Tables (static_info_tables)

TYPO3-EXT-SA-2013-003: SQL Injection vulnerability in extension CoolURI (cooluri)

TYPO3-EXT-SA-2013-002: Several vulnerabilities in third party extensions

TYPO3-EXT-SA-2013-001: Several vulnerabilities in third party extensions

TYPO3-EXT-SA-2012-013: Several Vulnerabilities in extension commerce (commerce)

TYPO3-EXT-SA-2012-012: Several Vulnerabilities in extension Formhandler (formhandler)

About

Roadmap

News

The Brand

The Trademarks

Community

Videos

Events

Contribute

Projects

Extension Repository

Support

Documentation

Release Notes

Getting Started

Core Documentation

TypoScript Reference