It has been discovered that the extension "File manager" (ameos_filemanager) is susceptible to Remote Code Execution, SQL Injection and Information Disclosure.

More... (https://typo3.org/news/article/multiple-vulnerabilities-in-extension-file-manager-ameos-filemanager/)