CVE-2011-4614
published 2012-02-18CVE-2011-4614: PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x…
PriorityP346medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
5.63%
92.0th percentile
PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACK_PATH parameter.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/47201http://typo3.org/fileadmin/security-team/bug32571/32571.diffhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/http://www.openwall.com/lists/oss-security/2011/12/16/1http://www.osvdb.org/77776http://secunia.com/advisories/47201http://typo3.org/fileadmin/security-team/bug32571/32571.diffhttp://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-004/http://www.openwall.com/lists/oss-security/2011/12/16/1http://www.osvdb.org/77776
2012-02-18
Published