Description
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2006-5332 Vulnerability (CVE-2006-5332)
math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-3143)
Joomla! Core 3.x.x Security Bypass (3.1.0 - 3.8.12)
WordPress 4.7.x Cross-Domain Flash Injection Vulnerability (4.7 - 4.7.8)