• Support
    • Finding Help
    • Professional Services
    • Mailing Lists
    • IRC Chat
    • Security Bulletins
      • TYPO3 Flow
      • TYPO3 Core
      • TYPO3 Extensions

Platinum sponsors

AOE media
dkd Internet Service
Mittwald
FTI Touristik
Flagbit GmbH & Co. KG
typovision GmbH
pluswerk GmbH
netzrezepte Technologies Pvt. Ltd.
 
  • typo3.org
  • Support
  • Multiple vulnerabilities in third party extensions

TYPO3-EXT-SA-2011-014: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

Authors: Marcus Krause, Category: TYPO3 Extension October 18, 2011

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting and Full Path Disclosure.

Details

TYPO3-EXT-SA-2011-012: Several vulnerabilities in third party extensions

Authors: Georg Ringer, Category: TYPO3 Extension September 28, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extensions: mm_hutinfo, np_indexed_search_stat, rzcolorbox, t3c_podcasts, winning_game, tgm_gallery, tgmv_gallery, bps_shib, dev_null_robots, dhc_inflationcal, dam_frontend, rtg_files, mg_rooms, gridelements

Details

TYPO3-EXT-SA-2011-013: Cross-Site scripting vulnerability in extension t3blog (t3blog)

Authors: Dmitry Dulepov, Category: TYPO3 Extension September 27, 2011

It has been discovered that the extension "T3Blog" (t3blog) is vulnerable to Cross-Site Scripting.

Details

TYPO3-EXT-SA-2011-011: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)

Authors: Marcus Krause, Category: TYPO3 Extension September 15, 2011

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

Details

TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache flooding in TYPO3 Core

Authors: Helmut Hummel, Category: TYPO3 Core September 14, 2011

It has been discovered that TYPO3 is susceptible to Cache Flooding

Details

TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3 Core

Authors: Helmut Hummel, Category: TYPO3 Core September 14, 2011

It has been discovered that the TYPO3 prepared statement database API allows SQL Injections.

Details

TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: th_mailformplus

Details

TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: rgsmoothgallery

Details

TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: direct_mail_subscription

Details

TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

A vulnerability has been found in the following third-party TYPO3 extension: ameos_dragndropupload

Details
  • <<First
  • <Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • …
  • Next>
  • Last>>
TYPO3
  • Go to: typo3.org
    • Buzz (TYPO3 Blogs)
    • Certification
    • TYPO3 Flow
    • Forge (Dev Platform)
    • Mailing lists
    • TYPO3 Association
    • TYPO3 Wiki
  • Loading
     
  • Home
  • About

    About

    • TYPO3 - The CMS
    • Licenses
    • TYPO3 Association
    • The Backend
    • Case Studies
    • Features

    Roadmap

    • Berlin Manifesto

    News

    • Association
    • Community
    • Development
    • Documentation
    • Security Bulletins

    The Brand

    • The TYPO3 Family
    • Brand Book
    • Style Guide

    The Trademarks

  • Community

    Community

    • Code of Conduct
    • Leadership Code of Conduct
    • Community Manager Corner
    • TYPO3 User Groups
    • Technology Supporters
    • Wallpapers
    • Merchandise

    Videos

    Events

    • Official Events
    • Community Events
    • Code Sprints
    • Archive
    • Add new Event
  • Contribute

    Contribute

    • Association Membership
    • Donate
    • Participate
    • Teams

    Projects

    • typo3.org
    • BLE
    • Google Summer of Code
  • Extensions

    Extension Repository

    • FAQ
    • What are extensions?
    • Translators
  • Support

    Support

    • Finding Help
    • Professional Services
    • Mailing Lists
    • IRC Chat
    • Security Bulletins
  • Documentation

    Documentation

    • Document Library
    • Tutorial videos
    • Wiki
    • Articles
    • Snippets
    • API
  • Download

    Release Notes

    • TYPO3 6.1 Release Notes
    • TYPO3 6.0 Release Notes
    • TYPO3 4.7 Release Notes
    • TYPO3 4.6 Release Notes
    • TYPO3 4.5 Release Notes
    • TYPO3 4.4 Release Notes
    • TYPO3 4.3 Release Notes
    • Past Changelogs

    Getting Started

    Core Documentation

    TypoScript Reference

  • Demo

© 2005-2013 TYPO3 Association. All rights reserved.

  • Contact
  • Donate
  • TYPO3 Association
  • Downloads
  • Videos
  • Flow
  • News
  • Press
  • Events
  • Sitemap
  • Legal Info
  • Licenses

Hosting Sponsors: