Description

The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.

Remediation

References

CVE-2010-5099

Related Vulnerabilities

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8420)

WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19212)

WordPress Plugin Correos Woocommerce Arbitrary File Download (1.3.0.0)

WordPress Plugin Post to Social Media-WordPress to Hootsuite Cross-Site Scripting (1.3.8)

Severity

Medium

Classification

CVE-2010-5099 CWE-20

Tags

Missing Update Known Vulnerabilities