News-Feeds:
Monday 11. of June 2007 TYPO3 Security Bulletin TYPO3-20070608-1: SQL injection in macina_banners / ric_rotation
It has been discovered that the extensions macina_banners and its descendant ric_rotation are exposed to an SQL injection issue because they fail to properly sanitize user-supplied input.
Wednesday 21. of February 2007 TYPO3 Security Bulletin TYPO3-20070221-1: Email header injection
A problem has been discovered where the internal form engine can be used for sending arbitrary mail headers, using it for purposes which it is not meant for.
Wednesday 20. of December 2006 TYPO3 Security Bulletin TYPO3-20061220-1: Remote Command Execution in TYPO3
Component Type: System Extension (TYPO3 Versions 4.0-4.0.3, 4.1beta)
Third Party Extension (TYPO3 Versions up to 3.8.1). SinceTYPO3 Version 4.0 the extension is part of the TYPO3 defaultinstallation
Affected Versions: TYPO3...
Tuesday 19. of December 2006 Pre-announcement for important security update
Dear fellow TYPO3 enthusiast,we know you all are preparing for Christmas right now. We would therefore like to inform you in advance that you should be very awake and ready to do some maintenance on your TYPO3 installations...
Tuesday 10. of October 2006 Security Bulletin TYPO3-20061010-1: fe_adminLib.inc
A Cross-Site-Scripting (XSS) problem has been discovered in fe_adminLib.inc
Monday 11. of September 2006 Security Bulletin TYPO3-20060911-1: indexed search
A Cross-Site-Scripting (XSS) problem has been discovered in indexed search.
Saturday 02. of September 2006 Security Bulletin TYPO3-20060902-1: tip-a-friend
A problem has been discovered with tip-a-friend being vulnerable to Cross-Site-Scripting (XSS)
