Security Advisories
All Advisories
TYPO3-SA-2009-008: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "FrontEnd MP3 Player" (fe_mp3player), "Search In Tables"…
TYPO3-SA-2009-007: TYPO3 Security Bulletin
It has been discovered that the extension Virtual Civil Services (civserv) is vulnerable to SQL-injections.
TYPO3-SA-2009-006: TYPO3 Security Bulletin
It has been discovered that the extension CWT Community (cwt_community) is vulnerable to SQL-injections.
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-CIVSERV-CWT-COMMUNITY-AND-VE-GUESTBOOK: Security issues in several third party TYPO3 extensions including civserv, cwt_community and ve_guestbook
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Virtual Civil Services" (civserv), "Modern Guestbook /…
TYPO3-SA-2009-005: Multiple vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "A21glossary Advanced Output" (a21glossary_advanced_output),…
TYPO3-SA-2009-004: Information Disclosure in third party extension "Frontend User registration"
It has been discovered that the TYPO3 extension "Frontend User Registration" (sr_feuser_register) is susceptible to Information Disclosure.
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-INCLUDING-SR-FEUSER-REGISTER: Security issues in several third party TYPO3 extensions including sr_feuser_register
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Frontend User Registration" (sr_feuser_register), "A21glossary…
TYPO3-SA-2009-003: Multiple vulnerabilities in TYPO3 third party extensions
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" (a21glossary), "Calendar Base" (cal),…
SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS-CONTAIN-SECURITY-ISSUES: Several third party TYPO3 extensions contain security issues
Vulnerabilities have been found in the following third party TYPO3 extensions: "Accessibility Glossary" (a21glossary), "Calendar Base" (cal), "Flat…
INFORMATION-DISCLOSURE-XSS-IN-TYPO3-CORE: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
TYPO3-SA-2009-002: Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting.
IMPORTANT-SECURITY-BULLETIN-PRE-ANNOUNCEMENT: Important Security-Bulletin Pre-Announcement
Serious security issue found in TYPO3 core.
TYPO3-SA-2009-015: XSS and SQL injection vulnerabilities in extension "phpMyAdmin" (phpmyadmin)
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to XSS and SQL injections.
MULTIPLE-SECURITY-ISSUES-FOUND-IN-TYPO3-CORE: Multiple security issues found in TYPO3 core
It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and…
TYPO3-SA-2009-001: Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Broken Authentication and Session Management, Cross-Site Scripting, Insecure Randomness and…
SECURITY-ISSUES-IN-SEVERAL-THIRD-PARTY-TYPO3-EXTENSIONS: Security issues in several third party TYPO3 extensions
Security vulnerabilities have been discovered in the following third party TYPO3 extensions: "phpMyAdmin" (phpmyadmin), "DR Wiki - Typo3 Wiki…
TYPO3-20081222-4: TYPO3 Security Bulletin
Several vulnerabilities have been found in the following third party TYPO3 extensions: "Vox populi" (mv_vox_populi), "SB Universal Plugin"…
TYPO3-20081222-3: TYPO3 Security Bulletin
It has been discovered that the extension DR Wiki - Typo3 Wiki extension (dr_wiki) is vulnerable to Cross-Site Scripting (XSS).
TYPO3-20081222-2: TYPO3 Security Bulletin
It has been discovered that the extension WEC Discussion Forum (wec_discussion) is vulnerable to Cross-Site Scripting (XSS) and SQL injection.
TYPO3-20081222-1: TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin (phpmyadmin) is vulnerable to SQL injections via XSRF.