Description

PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.

Remediation

References

CVE-2010-1153

Related Vulnerabilities

reveal.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8127)

Citrix ADC NetScaler Local File Inclusion (CVE-2020-8193)

MySQL CVE-2019-2968 Vulnerability (CVE-2019-2968)

IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability (CVE-2017-1480)

WordPress Plugin ELEX WooCommerce Google Shopping (Google Product Feed) Cross-Site Scripting (1.2.3)

Severity

Medium

Classification

CVE-2010-1153 CWE-94

Tags

Missing Update Known Vulnerabilities