rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-12-21T21:00:00
Updated: 2024-08-07T20:33:59.962Z
Reserved: 2006-12-21T00:00:00
Link: CVE-2006-6690
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-12-21T21:28:00.000
Modified: 2024-11-21T00:23:24.967
Link: CVE-2006-6690
Redhat
No data.