CVE-2010-5101
EPSS 0.41%TYPO3 Directory Traversal vulnerability
Published: 5/17/2022Modified: 4/12/2025
Also known as:GHSA-rmqc-wfjm-3f66
Description
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
Affected packages (1)
- Packagist/typo3/cms>= 4.2.0, < 4.2.16
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
References (9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-5101
- PATCHhttps://github.com/TYPO3/typo3
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/64180
- WEBhttps://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
- WEBhttps://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
- WEBhttp://www.openwall.com/lists/oss-security/2011/01/13/2
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/10/7
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/11/3
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/12/5