TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend.
View Full Alert
Related Posts
CVE-2010-2490Mumble: murmur-server has DoS due to malformed client query View Full Alert
CVE-2010-3293mailscanner can allow local users to prevent virus signatures from being updated View Full Alert
CVE-2010-0747drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725. View Full Alert
