Описание
The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| typo3-src | not-affected | package |
EPSS
Процентиль: 65%
0.00485
Низкий
Связанные уязвимости
nvd
больше 11 лет назад
The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250.
github
больше 3 лет назад
TYPO3 vulnerable to remote authenticated arbitrary code execution
EPSS
Процентиль: 65%
0.00485
Низкий