Security vulnerabilities have been discovered in third party TYPO3 extensions: "Photogallery" (ce_gallery), "SEO Photogallery by Evorion" (evgallery).

More... (http://news.typo3.org/news/article/security-issues-in-third-party-typo3-extensions-2/)