High severityNVD Advisory· Published Apr 20, 2010· Updated Jun 16, 2026
CVE-2010-1153
CVE-2010-1153
Description
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
typo3/cmsPackagist | >= 4.3.0, < 4.3.3 | 4.3.3 |
Affected products
4Patches
Vulnerability mechanics
References
6- typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/nvdVendor Advisory
- github.com/advisories/GHSA-4h9j-f98m-p4hgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2010-1153ghsaADVISORY
- marc.infonvdWEB
- www.openwall.com/lists/oss-security/2010/04/12/1nvdWEB
- web.archive.org/web/20100813082506/http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008ghsaWEB
News mentions
0No linked articles in our index yet.