Description

Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."

Remediation

References

CVE-2010-5101

Related Vulnerabilities

SharePoint CVE-2021-40484 Vulnerability (CVE-2021-40484)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0383)

Craft CMS Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2021-41824)

WordPress Plugin Role Scoper Cross-Site Scripting (1.3.66)

WordPress Plugin Yet Another Photoblog Unspecified Vulnerability (1.10.6)

Severity

Medium

Classification

CVE-2010-5101 CWE-22

Tags

Missing Update Known Vulnerabilities