Lucene search
K

7 matches found

Snyk
Snyk
added 2026/06/12 7:9 p.m.4 views

Deserialization of Untrusted Data

Overview typo3/cms-extbase is a TYPO3 CMS Extbase - Extension framework to create TYPO3 frontend plugins and TYPO3 backend modules. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the VariableFrontend or Registry. An attacker can execute arbitrary PHP cod...

9.3CVSS6.1AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-4501

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.03121EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3022

Malicious code in bioql PyPI...

5CVSS6.4AI score0.02365EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 12:16 p.m.9 views

CVE-2012-1605

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via vectors related to "a missing signature HMAC for a request argument."...

5CVSS7.9AI score0.02365EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.8 views

SUSE CVE-2013-1842

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...

7.5CVSS8.5AI score0.03121EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/10/27 12:0 a.m.8 views

The vulnerability of the extbase extension of the TYPO3 content management system allows a hacker to execute arbitrary code.

The vulnerability of the extbase extension of the TYPO3 content management system arises from deserialization issues. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS7.9AI score0.02575EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2017/01/23 9:59 p.m.27 views

CVE-2016-5091

Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action...

8.1CVSS7.2AI score0.02575EPSS
Exploits0References1
Rows per page
Query Builder