Security Bulletins for TYPO3 Extensions

Tue. 27th September, 2011

TYPO3-EXT-SA-2011-013: Cross-Site scripting vulnerability in extension t3blog (t3blog)

Advisory type: TYPO3 Extensions

Created by Dmitry Dulepov

It has been discovered that the extension "T3Blog" (t3blog) is vulnerable to Cross-Site Scripting.

Thu. 15th September, 2011

TYPO3-EXT-SA-2011-011: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)

Advisory type: TYPO3 Extensions

Created by Marcus Krause

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

Wed. 7th September, 2011

TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)

Advisory type: TYPO3 Extensions

Created by Georg Ringer

Several vulnerabilities have been found in the following third-party TYPO3 extension: th_mailformplus

Wed. 7th September, 2011

TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)

Advisory type: TYPO3 Extensions

Created by Georg Ringer

Several vulnerabilities have been found in the following third-party TYPO3 extension: rgsmoothgallery

Wed. 7th September, 2011

TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)

Advisory type: TYPO3 Extensions

Created by Georg Ringer

Several vulnerabilities have been found in the following third-party TYPO3 extension: direct_mail_subscription

Wed. 7th September, 2011

TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)

Advisory type: TYPO3 Extensions

Created by Georg Ringer

A vulnerability has been found in the following third-party TYPO3 extension: ameos_dragndropupload

Mon. 29th August, 2011

TYPO3-EXT-SA-2011-006: Several vulnerabilities in third party extensions

Advisory type: TYPO3 Extensions

Created by Helmut Hummel

Several vulnerabilities have been found in the following third-party TYPO3 extensions: MM DAM - FEFileList (mm_dam_filelist), Events (julle_events),…

Fri. 26th August, 2011

TYPO3-EXT-SA-2011-005: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)

Advisory type: TYPO3 Extensions

Created by Sebastian Böttger

It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.

Thu. 25th August, 2011

TYPO3-EXT-SA-2011-004: Cross Site Scripting Vulnerability in extension Questionaire (pbsurvey)

Advisory type: TYPO3 Extensions

Created by Helmut Hummel

It has been discovered that the extension "Questionaire" (pbsurvey) is vulnerable to Cross-Site Scripting.

Thu. 25th August, 2011

TYPO3-EXT-SA-2011-003: Several Vulnerabilities in extension Formhandler (formhandler)

Advisory type: TYPO3 Extensions

Created by Helmut Hummel

It has been discovered that the extension Formhandler (formhandler) is vulnerable to SQL-Injection and Cross-Site Scripting.