Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature (HMAC) for a request argument."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 Extbase Framework 安全漏洞
Vulnerability Description
Typo3是基于PHP和MySQL数据库的开源内容管理系统(CMS)和内容管理框架(CMF)的领导性品牌之一,是强大的开源解决方案。 TYPO3 4.6.x至4.6.6版本、4.7版本、6.0版本中的Extbase Framework中存在漏洞,该漏洞源于未序列化非信任数据。远程攻击者可利用该漏洞通过与‘缺少签名(HMAC)的请求参数’相关的向量,非序列化任意对象并执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A