CVE-2010-5101
EPSS 0.41%TYPO3 Directory Traversal vulnerability
發布日:2022/5/17修改日:2025/4/12
描述
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
受影響套件(1)
- Packagist/typo3/cms>= 4.2.0, < 4.2.16
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U |
參考連結(9)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-5101
- PATCHhttps://github.com/TYPO3/typo3
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/64180
- WEBhttps://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
- WEBhttps://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
- WEBhttp://www.openwall.com/lists/oss-security/2011/01/13/2
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/10/7
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/11/3
- WEBhttp://www.openwall.com/lists/oss-security/2012/05/12/5