Security Advisories
All Advisories
TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache flooding in TYPO3 Core
It has been discovered that TYPO3 is susceptible to Cache Flooding
TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3 Core
It has been discovered that the TYPO3 prepared statement database API allows SQL Injections.
SECURITY-ISSUES-IN-THIRD-PARTY-TYPO3-EXTENSIONS-4: Security issues in third-party TYPO3 extensions
Security vulnerabilities have been discovered in third-party TYPO3 extensions: direct_mail_subscription, rgsmoothgallery, th_mailformplus,…
TYPO3-EXT-SA-2011-009: Several Vulnerabilities in extension MailformPlus (th_mailformplus)
Several vulnerabilities have been found in the following third-party TYPO3 extension: th_mailformplus
TYPO3-EXT-SA-2011-008: Several Vulnerabilities in extension SmoothGallery for TYPO3 (rgsmoothgallery)
Several vulnerabilities have been found in the following third-party TYPO3 extension: rgsmoothgallery
TYPO3-EXT-SA-2011-007: Several Vulnerabilities in extension Direct Mail Subscription (direct_mail_subscription)
Several vulnerabilities have been found in the following third-party TYPO3 extension: direct_mail_subscription
TYPO3-EXT-SA-2011-010: A vulnerability in extension Drag Drop Mass Upload (ameos_dragndropupload)
A vulnerability has been found in the following third-party TYPO3 extension: ameos_dragndropupload
SECURITY-ISSUES-IN-THIRD-PARTY-TYPO3-EXTENSIONS-5: Security issues in third-party TYPO3 extensions
Security vulnerabilities have been discovered in third-party TYPO3 extensions: MM DAM - FEFileList (mm_dam_filelist), Events (julle_events), WEC Staff…
TYPO3-EXT-SA-2011-006: Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: MM DAM - FEFileList (mm_dam_filelist), Events (julle_events),…
TYPO3-EXT-SA-2011-005: Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting.
SECURITY-ISSUES-IN-THIRD-PARTY-EXTENSION-PHPMYADMIN-PHPMYADMIN-2: Security issues in third party extension "phpMyAdmin" (phpmyadmin)
Multiple Cross-Site Scripting vulnerabilities have been discovered in the third party TYPO3 extension "phpMyAdmin" (phpmyadmin) For further…
SECURITY-ISSUES-IN-TWO-THIRD-PARTY-EXTENSIONS: Security issues in two third party extensions
Several vulnerabilities have been discovered in the third party TYPO3 extensions Formhandler and Questionaire For further information on the issue in…
TYPO3-EXT-SA-2011-004: Cross Site Scripting Vulnerability in extension Questionaire (pbsurvey)
It has been discovered that the extension "Questionaire" (pbsurvey) is vulnerable to Cross-Site Scripting.
TYPO3-EXT-SA-2011-003: Several Vulnerabilities in extension Formhandler (formhandler)
It has been discovered that the extension Formhandler (formhandler) is vulnerable to SQL-Injection and Cross-Site Scripting.
TYPO3-EXT-SA-2011-002: Multiple SQL Injection vulnerabilities in extension "Website Photo Gallery" (jm_gallery)
It has been discovered that the extension Website Photo Gallery (jm_gallery) is vulnerable to SQL injection.
SECURITY-ISSUE-IN-THIRD-PARTY-EXTENSION-WEBSITE-PHOTO-GALLERY-JM-GALLERY: Security issue in third party extension "Website Photo Gallery" (jm_gallery)
SQL Injection vulnerabilities have been discovered in the third party TYPO3 extension "Website Photo Gallery" (jm_gallery) For further information on…
MULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE-5: Multiple security issues found in TYPO3 core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Information Disclosure, Authentication Delay Bypass, Unserialize()…
TYPO3-CORE-SA-2011-001: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting (XSS), Information Disclosure, Authentication Delay Bypass, Unserialize()…
SECURITY-ISSUES-IN-THIRD-PARTY-EXTENSION-PHPMYADMIN-PHPMYADMIN-3: Security issues in third party extension "phpMyAdmin" (phpmyadmin)
Security vulnerabilities have been discovered in the third party TYPO3 extension "phpMyAdmin" (phpmyadmin) For further information on the issue in…
TYPO3-EXT-SA-2011-001: Several vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to Cross-Site Scripting, Local File Inclusion, Code Execution and…