TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2010-5101

N/A

Beschreibung

Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."

CVE Details

CVSS v3.1 BewertungN/A
Veroffentlicht5/21/2012
Zuletzt geandert4/29/2026
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

typo3:typo3

Schwachen (CWE)

CWE-22

Referenzen

http://secunia.com/advisories/35770(secalert@redhat.com)
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2011/01/13/2(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/05/10/7(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/05/11/3(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/05/12/5(secalert@redhat.com)
http://www.osvdb.org/70119(secalert@redhat.com)
http://www.securityfocus.com/bid/45470(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64180(secalert@redhat.com)
http://secunia.com/advisories/35770(af854a3a-2127-422b-91ae-364da2661108)
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2011/01/13/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/05/10/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/05/11/3(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/05/12/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/70119(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45470(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64180(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.