News-Feeds:
Friday 20. of July 2007 T3N Magazine releases five current TYPO3 Articles
It is time again for a bunch of T3N articles - seven pages from the current issue (No. 8) have been translated for your reading pleasure.
Thursday 19. of July 2007 TYPO3 Security Bulletin 20070719-1: Remote shell command execution in extensions embedding PHPMailer
Multiple TYPO3 extensions is affected by the third party tool PHPMailer, which is vulnerable to a remote shell command execution.
Tuesday 17. of July 2007 TYPO3 4.1.2 and 4.0.7
The TYPO3 Core Team announces versions 4.1.2 and 4.0.7 of the TYPO3 Enterprise Content Management System.
Monday 16. of July 2007 TYPO3 Security Bulletin TYPO3-20070716-2: Information Disclosure from Extension phpmyadmin
An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo() information in special cases. The standalone version of phpmyadmin is not affected.
Monday 16. of July 2007 TYPO3 Security Bulletin 20070716-1: Cross Site Scripting vulnerability in faq
It has been discovered that the extension faq is susceptible to cross site scripting (XSS) attacks, making it possible to execute arbitrary JavaScript.
Thursday 12. of July 2007 TYPO3 Security Bulletin TYPO3-20070712-1: Multiple vulnerabilities in civserv
Multiple vulnerabilities has been found. Incorrect handling of input from GET/POST-variables, and allowing an attacker to execute XSS and/or SQL Injection attacks.
Tuesday 10. of July 2007 TYPO3 Security Bulletin TYPO3-20070710-1: SQL Injection in fechangepassword
It has been discovered that the extension fechangepassword is open for a SQL injection when updating the password.
