TYPO3 9.5.7: Overriding the Database to Execute Code
5 min read
16 Jul 2019
by
Robin Peraglie
In this technical blog post we examine a critical vulnerability in the core of the TYPO3 CMS which was detected by our static code analysis tool RIPS (CVE-2019-12747). A reliable exploit allows the execution of arbitrary PHP code on the underlying system as authenticated user.