CVE-2013-4250
CVE-2013-4250
The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →