CVE-2010-5101Path Traversal in CMS

CWE-22Path Traversal4 documents4 sources
Severity
4.0MEDIUMNVD
EPSS
0.4%
top 38.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Typo3 CMSTypo3
Timeline
PublishedMay 21
Latest updateMay 17

Description

Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

Packagisttypo3/cms4.2.04.2.16+2
NVDtypo3/typo329 versions+28

🔴Vulnerability Details

3
OSV
TYPO3 Directory Traversal vulnerability2022-05-17
GHSA
TYPO3 Directory Traversal vulnerability2022-05-17
CVEList
CVE-2010-5101: Directory traversal vulnerability in the TypoScript setup in TYPO3 42012-05-21
CVE-2010-5101 — Path Traversal in Typo3 CMS | cvebase