4 matches found
CVE-2012-6146
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL...
Code injection
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL...
CVE-2012-6146
The CVE-2012-6146 entry pertains to the TYPO3 Backend History Module. Affected series are TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6. The issue arises from insufficient access restriction, allowing remote authenticated editors to read the history of arbitrary records v...
Several Vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to SQL Injection, Information Disclosure and Cross-Site Scripting Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.20, 4.6.0 up to 4.6.13, 4.7.0 up to 4.7.5 and development releases of the 6.0 branch. Vulnerability Types: SQL...