Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Apache Webserver
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2717 2 Apache, Typo3 2 Apache Webserver, Typo3 2024-11-21 6.5 MEDIUM N/A
TYPO3 4.0.x before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote attackers to bypass security restrictions and upload configuration files such as .htaccess, or conduct file upload attacks using multiple extensions.