6 matches found
EUVD-2022-1684
Malicious code in bioql PyPI...
EUVD-2022-1724
Malicious code in bioql PyPI...
CVE-2020-25026
The sfeventmgt aka Event management and registration extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure participant data, and event data via email because of Broken Access Control...
CVE-2010-0336
Unspecified vulnerability in the kiddogmysqldumper kiddogmysqldumper extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors...
GHSA-X8PV-FGXP-8V3X TYPO3 Allows Information Disclosure via DBAL Restriction Handling
Problem When performing a database query involving multiple tables through the database abstraction layer DBAL, frontend user permissions are only applied via FrontendGroupRestriction to the last table. As a result, data from additional tables included in the same query may be unintentionally...
TYPO3 API Information Disclosure Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF maintained by the Swiss TYPO3 Association. An information disclosure vulnerability exists in the TYPO3 API. A remote user can send a specially crafted HTTP request to the TYPO3 API to view potentially sensitive version...