This host is installed with TYPO3 and is prone to multiple vulnerabilities.

Successful exploitation will allow remote attackers to steal the victim's cookie-based authentication credentials or access arbitrary file. Impact Level: Application

Upgrade to TYPO3 version 4.0.12, 4.1.10, 4.2.6 or later, or apply the patch mentioned in the below link http://typo3.org/teams/security/security-bulletins/typo3-core/TYPO3-SA-2009-002/

Multiple error exists in the application, - An error exist in jumpUrl mechanism, which will disclose a hash secret. - An error exist in backend user interface, which fails to validate user supplied input properly.

TYPO3 versions 3.3.x, 3.5.x, 3.6.x, 3.7.x, 3.8.x, 4.0 to 4.0.11, 4.1.0 to 4.1.9, 4.2.0 to 4.2.5, 4.3alpha1

Send a Crafted HTTP GET request and check whether it is able to fetch a remote file.

• http://osvdb.org/52048
• http://osvdb.org/52050
• http://typo3.org/teams/security/security-bulletins/typo3-core/TYPO3-SA-2009-002/
• http://www.securitytracker.com/id?1021710

---

Updated on 2015-03-25