Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In TYPO3 11.5.24, the filelist component allows attackers (who have access to the administrator panel) to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in data[sys_file_storage]*[data][sDEF][lDEF][basePath][vDEF].
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TYPO3 路径遍历漏洞
Vulnerability Description
TYPO3是瑞士TYPO3协会的一套免费开源的内容管理系统(框架)(CMS/CMF)。 TYPO3 11.5.24版本存在路径遍历漏洞。攻击者利用该漏洞通过 Baseuri 字段利用目录遍历来读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A