Lucene search
K

8 matches found

NCSC
NCSC
added 2026/01/16 10:11 a.m.42 views

Vulnerabilities fixed in TYPO3 CMS

TYPO3 has fixed vulnerabilities in TYPO3 CMS Specific to certain versions. The vulnerabilities in TYPO3 CMS allow attackers to bypass field-level access controls, insert unauthorized data into restricted database fields, and manipulate redirect records without any restrictions. In addition,...

8.1CVSS7.4AI score0.0038EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/14 12:26 p.m.7 views

CVE-2025-59020

By exploiting the defVals parameter, attackers could bypass field‑level access checks during record creation in the TYPO3 backend. This gave them the ability to insert arbitrary data into prohibited exclude fields of a database table for which the user already has write permission for a reduced s...

6.5CVSS6.9AI score0.00287EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.8 views

PT-2026-2474

By exploiting the defVals parameter, attackers could bypass field‑level access checks during record creation in the TYPO3 backend. This gave them the ability to insert arbitrary data into prohibited exclude fields of a database table for which the user already has write permission for a reduced s...

5.3CVSS6.9AI score0.00287EPSS
Exploits0References7
OSV
OSV
added 2021/01/01 1:15 a.m.4 views

CVE-2016-20004

The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...

9.8CVSS5.8AI score0.0118EPSS
Exploits0References1
NVD
NVD
added 2021/01/01 1:15 a.m.13 views

CVE-2016-20004

The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...

9.8CVSS9.6AI score0.0118EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/01/01 12:0 a.m.8 views

Drupal Security Vulnerabilities

Drupal is an open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal REST/JSON project 7.x-1.x that allows field access bypass...

9.8CVSS7.3AI score0.0118EPSS
Exploits0References1
CVE
CVE
added 2020/12/31 11:27 p.m.85 views

CVE-2016-20004

Technical details are not publicly available in the provided documents; monitor for updates.

9.8CVSS9.4AI score0.0118EPSS
Exploits0References1Affected Software1
Drupal
Drupal
added 2016/06/08 12:0 a.m.14 views

REST JSON - Multiple Vulnerabilities - Highly Critical - Unsupported - SA-CONTRIB-2016-033

This module enables you to expose content, users and comments via a JSON API. The module contains multiple vulnerabilities including Node access bypass Comment access bypass User enumeration Field access bypass User registration bypass Blocked user login Session name guessing Session enumeration...

7.3AI score
Exploits0References10
Rows per page
Query Builder