Typo3 : Security Vulnerabilities, CVEs, (File inclusion) CVSS score >= 6
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.
Max CVSS
6.8
EPSS Score
9.15%
Published
2012-02-18
Updated
2012-02-29
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
Max CVSS
6.8
EPSS Score
0.59%
Published
2010-04-20
Updated
2010-06-03
2 vulnerabilities found