Security issues in several third party TYPO3 extensions including commerce and t3m

Categories: Security Created by Michael Stucki on behalf of the Security Team
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m), "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch" (ast_addresszipsearch), "Car" (car), "Event Registration" (event_registr), "Solidbase Bannermanagement" (SBbanner), "t3m_affiliate" (t3m_affiliate), "AJAX Chat" (vjchat)

For further information on the issue in extension "Commerce" (commerce), please read the related advisory TYPO3-SA-2009-011 that was published today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-011/

For further information on the issue in extension "T3M E-Mail Marketing Tool" (t3m), please read the related advisory TYPO3-SA-2009-012 that was published today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-012/

For further information on all CSB (Collective Security Bulletin) issues, please read the related advisory TYPO3-SA-2009-013 that was published today:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-013/

In general the TYPO3 Security Team recommends to read the following pages:
 

In general the TYPO3 Security Team recommends to read the following pages: