Security Advisories
All Advisories
TYPO3-SA-2009-014: TYPO3 Security Bulletin
Several vulnerabilities have been found in the following third party TYPO3 extensions: Apache Solr Search (solr), Random Images (maag_randomimage),…
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COMMERCE-AND-T3M: Security issues in several third party TYPO3 extensions including commerce and t3m
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Commerce" (commerce), "T3M E-Mail Marketing Tool" (t3m),…
TYPO3-SA-2009-013: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "AIRware Lexicon" (air_lexicon), "AST ZipCodeSearch"…
TYPO3-SA-2009-012: Blind SQL Injection vulnerability in extension T3M E-Mail Marketing Tool (t3m)
It has been discovered that the extension T3M E-Mail Marketing Tool (t3m) is vulnerable to Blind SQL Injection attacks.
TYPO3-SA-2009-011: Cross-Site Scripting vulnerability in extension Commerce (commerce)
It has been discovered that the extension Commerce (commerce) is vulnerable to Cross-Site Scripting attacks.
TYPO3-SA-2009-010: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password"…
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-COOLURI-CWT-RESETBEPASSWORD-DATAMINTS-NEWSTICKER-GB-FENEWSSUBMIT-MAILFORM-MYTH-DOWNLOAD-PM-TOUR-TWITTERSEARCH-WS-ECARD-WS-GALLERY: Security issues in several third party TYPO3 extensions including cooluri, cwt_resetbepassword, datamints_newsticker, gb_fenewssubmit, mailform, myth_download, pm_tour, twittersearch, ws_ecard, ws_gallery
Several vulnerabilities have been found in the following third party TYPO3 extensions: "CoolURI" (cooluri), "Reset backend password"…
TYPO3-SA-2009-009: Cross-Site Scripting vulnerability in extension Modern Guestbook / Commenting System (ve_guestbook)
It has been discovered that the extension Modern Guestbook / Commenting system (ve_guestbook) is vulnerable to Cross-Site Scripting.
TYPO3-SA-2009-008: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "FrontEnd MP3 Player" (fe_mp3player), "Search In Tables"…
TYPO3-SA-2009-007: TYPO3 Security Bulletin
It has been discovered that the extension Virtual Civil Services (civserv) is vulnerable to SQL-injections.
TYPO3-SA-2009-006: TYPO3 Security Bulletin
It has been discovered that the extension CWT Community (cwt_community) is vulnerable to SQL-injections.
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CIVSERV-CWT-COMMUNITY-AND-VE-GUESTBOOK: Security issues in several third party TYPO3 extensions including civserv, cwt_community and ve_guestbook
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Virtual Civil Services" (civserv), "Modern Guestbook /…
TYPO3-SA-2009-005: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "A21glossary Advanced Output" (a21glossary_advanced_output),…
TYPO3-SA-2009-004: Information Disclosure in third party extension "Frontend User registration"
It has been discovered that the TYPO3 extension "Frontend User Registration" (sr_feuser_register) is susceptible to Information Disclosure.
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-SR-FEUSER-REGISTER: Security issues in several third party TYPO3 extensions including sr_feuser_register
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Frontend User Registration" (sr_feuser_register), "A21glossary…
TYPO3-SA-2009-003: Multiple vulnerabilities in TYPO3 third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" (a21glossary), "Calendar Base" (cal),…
SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-CONTAIN-SECURITY-ISSUES: Several third party TYPO3 extensions contain security issues
Vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" (a21glossary), "Calendar Base" (cal), "Flat…
INFORMATION-DISCLOSURE-XSS-IN-TYPO3-CORE: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
TYPO3-SA-2009-002: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
IMPORTANT-SECURITY-BULLETIN-PRE-ANNOUNCEMENT: Important Security-Bulletin Pre-Announcement
Serious security issue found in TYPO3 core.