CVE-2010-3663

Published: 2019-11-04T22:15Z

Last Modified: 2024-11-21T01:19Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute arbitrary code on the backend. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt