Multiple vulnerabilities in third party extensions

Tue. 15th December, 2009

Several vulnerabilities have been found in the following third party TYPO3 extensions: Car (car), TYPO3 Watchdog (aba_watchdog), File list (dr_blob), ListMan (nl_listman), XDS Staff List (xds_staff), Document Directorys (danp_documentdirs), Random Prayer Version 2 (ste_prayer2), Diocese of Portsmouth Resources Database (pd_resources), Parish of the Holy Spirit Religious Art Gallery (hs_religiousartgallery), Parish Administration Database (ste_parish_admin), Diocese of Portsmouth Calendar (pd_calendar), Flash SlideShow (slideshow), Subscription (mf_subscription), No indexed Search (no_indexed_search), Job Exchange (jobexchange), Training Company Database (trainincdb), ZID Linkliste (zid_linklist), vShoutbox (vshoutbox), Frontend news submitter with RTE (fe_rtenews)

This is a companion discussion topic for the original entry at