Directory Traversal and Code Injection vulnerability in extension phpMyAdmin (phpmyadmin)

Support

Platinum sponsors

typo3.org
Support
Directory Traversal and Code Injection vulnerability in extension phpMyAdmin (phpmyadmin)

TYPO3-EXT-SA-2011-014: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

Authors: Marcus Krause, Category: TYPO3 Extension October 18, 2011

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting and Full Path Disclosure.

Details

TYPO3-EXT-SA-2011-012: Several vulnerabilities in third party extensions

Authors: Georg Ringer, Category: TYPO3 Extension September 28, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extensions: mm_hutinfo, np_indexed_search_stat, rzcolorbox, t3c_podcasts, winning_game, tgm_gallery, tgmv_gallery, bps_shib, dev_null_robots, dhc_inflationcal, dam_frontend, rtg_files, mg_rooms, gridelements

Details

TYPO3-EXT-SA-2011-013: Cross-Site scripting vulnerability in extension t3blog (t3blog)

Authors: Dmitry Dulepov, Category: TYPO3 Extension September 27, 2011

It has been discovered that the extension "T3Blog" (t3blog) is vulnerable to Cross-Site Scripting.

Details

TYPO3-EXT-SA-2011-011: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)

Authors: Marcus Krause, Category: TYPO3 Extension September 15, 2011

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

Details

TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache flooding in TYPO3 Core

Authors: Helmut Hummel, Category: TYPO3 Core September 14, 2011

It has been discovered that TYPO3 is susceptible to Cache Flooding

Details

TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3 Core

Authors: Helmut Hummel, Category: TYPO3 Core September 14, 2011

It has been discovered that the TYPO3 prepared statement database API allows SQL Injections.

Details

TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: th_mailformplus

Details

TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: rgsmoothgallery

Details

TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

Several vulnerabilities have been found in the following third-party TYPO3 extension: direct_mail_subscription

Details

TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)

Authors: Georg Ringer, Category: TYPO3 Extension September 07, 2011

A vulnerability has been found in the following third-party TYPO3 extension: ameos_dragndropupload

Details

Platinum sponsors

TYPO3-EXT-SA-2011-014: Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

TYPO3-EXT-SA-2011-012: Several vulnerabilities in third party extensions

TYPO3-EXT-SA-2011-013: Cross-Site scripting vulnerability in extension t3blog (t3blog)

TYPO3-EXT-SA-2011-011: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)

TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache flooding in TYPO3 Core

TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3 Core

TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)

TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)

TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)

TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)

About

Roadmap

News

The Brand

The Trademarks

Community

Videos

Events

Contribute

Projects

Extension Repository

Support

Documentation

Release Notes

Getting Started

Core Documentation

TypoScript Reference