9 matches found
EUVD-2022-3004
Malicious code in bioql PyPI...
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
The jumpUrl aka access tracking implementation in tslib/class.tslibfe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified...
CVE-2013-1843
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
CVE-2013-1843
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
CVE-2013-1843
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
SQL Injection and Open Redirection in TYPO3 Core
It has been discovered that TYPO3 Core is susceptible to SQL Injection and Open Redirection Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.23, 4.6.0 up to 4.6.16, 4.7.0 up to 4.7.8 and 6.0.0 up to 6.0.2 Vulnerability Types: SQL Injection, Open Redirection Overall Severity: High...
typo3 -- Multiple vulnerabilities in TYPO3 Core
Typo Security Team reports: Extbase Framework - Failing to sanitize user input, the Extbase database abstraction layer is susceptible to SQL Injection. TYPO3 sites which have no Extbase extensions installed are not affected. Extbase extensions are affected if they use the Query Object Model and...
Multiple vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Remote File Disclosure, Cross-Site Scripting XSS, Privilege Escalation and Denial of Service. Component Type: TYPO3 Core Affected Versions: 4.2.14 and below, 4.3.6 and below, 4.4.3 and below Vulnerability Types: Remote File Disclosure,...
Information Disclosure & XSS in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Information Disclosure and Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: TYPO3 versions 3.3.x, 3.5.x, 3.6.x, 3.7.x, 3.8.x, 4.0 to 4.0.11, 4.1.0 to 4.1.9, 4.2.0 to 4.2.5, 4.3alpha1 Vulnerability Types: Information...