[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire

December 1, 2014 007admin Leave a comment

Posted by RedTeam Pentesting GmbH on Dec 01

Advisory: Information Disclosure in TYPO3 Extension ke_questionnaire

The TYPO3 extension ke_questionnaire stores answered questionnaires in a
publicly reachable directory on the webserver with filenames that are
easily guessable.

Details
=======

Product: ke_questionnaire
Affected Versions: 2.5.2 (possibly all versions)
Fixed Versions: unknown
Vulnerability Type: Information Disclosure
Security Risk: medium
Vendor URL:…

007 Software

[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire

Leave a Reply Cancel reply

Software and Security Information