TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-1153)
Description
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.