CVE-2009-4160: TYPO3 Simple Download-System with Counter and Categories Vulnerable to Information Disclosure

May 2, 2022 (updated April 10, 2025)

Unspecified vulnerability in the Simple download-system with counter and categories (kk_downloader) extension 1.2.1 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.

References

github.com/advisories/GHSA-p65f-652v-35r2
github.com/jweiland-net/kk_downloader
nvd.nist.gov/vuln/detail/CVE-2009-4160
web.archive.org/web/20091219105714/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-017
web.archive.org/web/20200228220902/http://www.securityfocus.com/bid/37168

Code Behaviors & Features

Detect and mitigate CVE-2009-4160 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →