CVE-2010-5101
published 2012-05-21CVE-2010-5101: Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated…
PriorityP425medium4CVSS 2.0
AVNACLAuSCPINAN
EPSS
1.95%
77.7th percentile
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 4.2.0 < 4.2.16 | 4.2.16 |
| typo3 | cms | >= 4.3.0 < 4.3.9 | 4.3.9 |
| typo3 | cms | >= 4.4.0 < 4.4.5 | 4.4.5 |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
TYPO3 Directory Traversal vulnerability
osv·2022-05-17
CVE-2010-5101 [MEDIUM] TYPO3 Directory Traversal vulnerability
TYPO3 Directory Traversal vulnerability
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
GHSA
TYPO3 Directory Traversal vulnerability
ghsa·2022-05-17
CVE-2010-5101 [MEDIUM] CWE-22 TYPO3 Directory Traversal vulnerability
TYPO3 Directory Traversal vulnerability
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/35770http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/http://www.openwall.com/lists/oss-security/2011/01/13/2http://www.openwall.com/lists/oss-security/2012/05/10/7http://www.openwall.com/lists/oss-security/2012/05/11/3http://www.openwall.com/lists/oss-security/2012/05/12/5http://www.osvdb.org/70119http://www.securityfocus.com/bid/45470https://exchange.xforce.ibmcloud.com/vulnerabilities/64180http://secunia.com/advisories/35770http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/http://www.openwall.com/lists/oss-security/2011/01/13/2http://www.openwall.com/lists/oss-security/2012/05/10/7http://www.openwall.com/lists/oss-security/2012/05/11/3http://www.openwall.com/lists/oss-security/2012/05/12/5http://www.osvdb.org/70119http://www.securityfocus.com/bid/45470https://exchange.xforce.ibmcloud.com/vulnerabilities/64180
2012-05-21
Published