CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2010-1153

PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.5%

CVSS Severity

CVSS v2 Score 6.8

References

http://marc.info/?l=oss-security&m=127092306209177&w=2
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/
http://www.openwall.com/lists/oss-security/2010/04/12/1
http://marc.info/?l=oss-security&m=127092306209177&w=2
http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/
http://www.openwall.com/lists/oss-security/2010/04/12/1

Products affected by CVE-2010-1153

Typo3 » Typo3 » Version: 4.3.0

cpe:2.3:a:typo3:typo3:4.3.0
Typo3 » Typo3 » Version: 4.3.1

cpe:2.3:a:typo3:typo3:4.3.1
Typo3 » Typo3 » Version: 4.3.2

cpe:2.3:a:typo3:typo3:4.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1153

Products

Pricing

Contact Us