Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Prion
Prionadded 2022/06/14 9:15 p.m.19 views

Design/Logic Flaw

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export internal details...

4CVSS4.5AI score0.00148EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2022/06/14 8:50 p.m.12 views

CVE-2022-31048 Cross-Site Scripting in Form Framework

TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit...

5.4CVSS5.1AI score0.0063EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/06/14 12:0 a.m.1 views

TYPO3 代码问题漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A code issue vulnerability exists in TYPO3 that stems from the fact that administrative tool sessions initiated through the TYPO3 back-end user interface are not revoked, and affects the...

7.2CVSS7.1AI score0.00439EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/06/14 12:0 a.m.1 views

TYPO3 日志信息泄露漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A log message disclosure vulnerability exists in TYPO3, which arises from the fact that internal system credentials or keys can be logged in plaintext in an exception handler, and affects...

6.5CVSS6.4AI score0.00391EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/06/14 12:0 a.m.1 views

TYPO3 跨站脚本漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 that arises from the use of user-submitted content that is not properly encoded in the HTML email sent to the user, and affects the...

5.4CVSS5.4AI score0.0063EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/06/14 12:0 a.m.2 views

PT-2022-20487 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 9.5.34 ELTS TYPO3 versions prior to 10.4.29 TYPO3 versions prior to 11.5.11 Description: The issue concerns user-submitted content not being properly encoded in HTML emails sent to users. The affected components are ma...

5.4CVSS5.2AI score0.0063EPSS
Exploits0References12
Positive Technologies
Positive Technologiesadded 2022/06/14 12:0 a.m.4 views

PT-2022-20485 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 7.6.57 ELTS TYPO3 versions prior to 8.7.47 ELTS TYPO3 versions prior to 9.5.34 ELTS TYPO3 versions prior to 10.4.29 TYPO3 versions prior to 11.5.11 Description: System internal credentials or keys, such as database...

6.5CVSS6.2AI score0.00391EPSS
Exploits0References11
Rows per page
Query Builder