Описание
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| maverick | ignored | end of life |
| natty | not-affected | 4.3.9+dfsg1-1+squeeze1build0.11.04.1 |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | not-affected |
Показывать по
Ссылки на источники
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x ...
TYPO3 Arbitrary Code Execution vulnerability on the backend
6.5 Medium
CVSS2
8.8 High
CVSS3