Critical severityNVD Advisory· Published Oct 16, 2019· Updated Aug 5, 2024
CVE-2019-16700
CVE-2019-16700
Description
The slub_events (aka SLUB: Event Registration) extension through 3.0.2 for TYPO3 allows uploading of arbitrary files to the webserver. For versions 1.2.2 and below, this results in Remote Code Execution. In versions later than 1.2.2, this can result in Denial of Service, since the web space can be filled up with arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
slub/slub-eventsPackagist | < 3.0.3 | 3.0.3 |
Affected products
2- TYPO3/SLUB: Event Registrationdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-5pww-3mfc-g8vrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-16700ghsaADVISORY
- extensions.typo3.org/extension/slub_eventsghsax_refsource_MISCWEB
- typo3.org/security/advisory/typo3-ext-sa-2019-017ghsaWEB
- typo3.org/security/advisory/typo3-ext-sa-2019-017/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.