Description
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in TYPO3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.