Multiple vulnerabilities in third party extensions

Tue. 16th March, 2010

Several vulnerabilities have been found in the following third party TYPO3 extensions: Brainstorming (brainstorming), Power Extension Manager (ch_lightem), Widget Integration (chsellector), Educator (educator), MK Wastebasket (mk_wastebasket), myDashboard (mydashboard), CleanDB (nf_cleandb), Diocese of Portsmouth Database (pd_diocesedatabase), Reports Logfile View (reports_logview), SAV Filter Alphabetic (sav_filter_abc), SAV Filter Selectors (sav_filter_selectors), SAV Filter Months (sav_filter_months), Book Reviews (sk_bookreview), Simple Gallery (sk_simplegallery), Typo3 Quixplorer (t3quixplorer), TYPO3 Security - Salted user password hashes (t3sec_saltedpw), UserTask Center, recent (taskcenter_recent), TGM-Newsletter (tgm_newsletter), CleanDB - DBAL (tmsw_cleandb), Meet Travelmates (travelmate), YATSE - Yet another TYPO3 search engine (yatse)

This is a companion discussion topic for the original entry at