Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2009-0815
HistoryMar 05, 2009 - 2:30 a.m.

Cross site request forgery (csrf)

2009-03-0502:30:00
PRIOn knowledge base
www.prio-n.com
1

7 High

AI Score

Confidence

Low

0.184 Low

EPSS

Percentile

96.2%

JSON

The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.

CPENameOperatorVersion
typo3eq4.3 alpha1
typo3eq3.5.120
typo3eq4.2.4
typo3eq4.1
typo3eq4.2
typo3eq4.2.5
typo3eq4.1.8
typo3eq4.1.6
typo3eq4.2.0
typo3eq4.2.3
Rows per page:
1-10 of 241

Related

cvelist 1
nvd 1
cve 1
nessus 3
dsquare 1
freebsd 1
openvas 4
cvelist
cvelist
CVE-2009-0815
2009-03-05 02:00:00
nvd
nvd
CVE-2009-0815
2009-03-05 02:30:00
cve
cve
CVE-2009-0815
2009-03-05 02:30:00
nessus
nessus
TYPO3 'jumpUrl' Mechanism Information Disclosure
2009-02-12 00:00:00
FreeBSD : typo3 -- XSS and information disclosure (cc47fafe-f823-11dd-94d9-0030843d3802)
2009-02-12 00:00:00
Debian DSA-1720-1 : typo3-src - several vulnerabilities
2009-02-12 00:00:00
dsquare
dsquare
Typo3 FD
2012-01-26 00:00:00
freebsd
freebsd
typo3 -- cross-site scripting and information disclosure
2009-02-10 00:00:00
openvas
openvas
TYPO3 jumpUrl File Disclosure Vulnerability (TYPO3-SA-2009-002)
2013-12-26 00:00:00
Debian Security Advisory DSA 1720-1 (typo3-src)
2009-02-13 00:00:00
FreeBSD Ports: typo3
2009-02-13 00:00:00

7 High

AI Score

Confidence

Low

0.184 Low

EPSS

Percentile

96.2%

JSON
Related for PRION:CVE-2009-0815
cvelist1nvd1cve1nessus3dsquare1freebsd1openvas4