CVE-2012-3527 in TYPO3info

Summary

view_help.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature (HMAC)."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

06/14/2012

Disclosure

09/05/2012

Moderation

VulDB entry created

Entries

2: VDB-5987

CPE

ready

CWE

CWE-310 (Confirmed)

CVSS

6.3

EPSS

0.02065

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3527
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3527
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3527/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!