Description
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in TYPO3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector.