CVE-2010-5099: TYPO3 Path Traversal vulnerability

May 17, 2022 (updated April 12, 2025)

The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.

References

exchange.xforce.ibmcloud.com/vulnerabilities/64180
github.com/TYPO3/typo3
github.com/advisories/GHSA-66j3-66cp-6c2m
nvd.nist.gov/vuln/detail/CVE-2010-5099
web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022

Code Behaviors & Features

Detect and mitigate CVE-2010-5099 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →