PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x prior to 4.5.9, 4.6.x prior to 4.6.2, and development versions of 4.7 allows remote malicious users to execute arbitrary PHP code via a URL in the BACK_PATH parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
typo3 typo3 4.5.2 |
||
typo3 typo3 4.5.3 |
||
typo3 typo3 4.5.4 |
||
typo3 typo3 4.5.5 |
||
typo3 typo3 4.5.1 |
||
typo3 typo3 4.5.6 |
||
typo3 typo3 4.5.8 |
||
typo3 typo3 4.5 |
||
typo3 typo3 4.5.7 |
||
typo3 typo3 4.6 |
||
typo3 typo3 4.6.1 |