The File Abstraction Layer (FAL) in TYPO3 6.0.x prior to 6.0.9 and 6.1.x prior to 6.1.4 does not properly check permissions, which allows remote authenticated users to create or read arbitrary files via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
typo3 typo3 6.1.3 |
||
typo3 typo3 6.1.2 |
||
typo3 typo3 6.1 |
||
typo3 typo3 6.1.1 |
||
typo3 typo3 6.0 |
||
typo3 typo3 6.0.5 |
||
typo3 typo3 6.0.7 |
||
typo3 typo3 6.0.6 |
||
typo3 typo3 6.0.8 |
||
typo3 typo3 6.0.1 |
||
typo3 typo3 6.0.2 |
||
typo3 typo3 6.0.3 |
||
typo3 typo3 6.0.4 |