Typo3 : Security Vulnerabilities, CVEs, Published In 2012 (File inclusion) CVSS score >= 4
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.
Max CVSS
6.8
EPSS Score
9.15%
Published
2012-02-18
Updated
2012-02-29
1 vulnerabilities found