Описание
TYPO3 Arbitrary Code Execution vulnerability on the backend
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
Пакеты
typo3/cms-backend
< 4.1.14
4.1.14
typo3/cms-backend
>= 4.2, < 4.2.13
4.2.13
typo3/cms-backend
>= 4.3, < 4.3.4
4.3.4
typo3/cms-backend
>= 4.4, < 4.4.1
4.4.1
Связанные уязвимости
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x ...