The Backend subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2, when the DAM extension or ftp upload is enabled, allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2009-11-02T15:00:00
Updated: 2024-08-07T06:38:29.735Z
Reserved: 2009-10-09T00:00:00
Link: CVE-2009-3631
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-11-02T15:30:00.670
Modified: 2024-11-21T01:07:50.940
Link: CVE-2009-3631
Redhat
No data.