60 matches found
CVE-2023-39853
CVE-2023-39853 affects Dzzoffice 2.01. A SQL injection vulnerability exists in the Network Disk backend module, exploitable via the doobj and doevent parameters to leak or access sensitive information. The NVD/CNA metrics indicate network access with low attack complexity and minimal privileges r...
Broken Access Control in extension "femanager"
The extension fails to check access permissions for the edit user component. An authenticated frontend user can use the vulnerability to either edit data of various frontend users or to delete various frontend user accounts. Another missing access check in the backend module of the extensions...
GHSA-P6XX-FHFW-7MJ7 Configuration Injection in extension "Direct Mail" (direct_mail)
The “Configuration” backend module of the extension allows an authenticated user to write arbitrary page TSConfig for folders configured as “Direct Mail”. Exploiting the vulnerability may lead to Configuration Injection TYPO3 10.4 and above and to Arbitrary Code Execution TYPO3 9.5 and below. A...
Arbitrary Code Execution
typo3/cms and typo3/cms-core are vulnerable to arbitrary code execution. An attacker is able to inject and execute malicious TypoScript as PHP code due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module...
Information Disclosure
typo3 is vulnerable to information disclosure. The vulnerability exists because the library does not properly handle user-submitted YAML placeholder expressions in the site configuration backend module which allows an attacker to access sensitive information of the system...
Information disclosure
TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers coul...
Code injection
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible t...
CVE-2022-23503 TYPO3 vulnerable to Arbitrary Code Execution via Form Framework
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible t...
CVE-2022-23503 TYPO3 vulnerable to Arbitrary Code Execution via Form Framework
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible t...
GHSA-8W3P-QH3X-6GJR TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
CVSS: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C 5.3 Problem Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messag...
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
CVSS: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L/E:F/RL:O/RC:C 5.3 Problem Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messag...
TYPO3 8.0.0 < 8.7.49 ELTS / 9.0.0 < 9.5.38 ELTS / 10.0.0 < 10.4.33 / 11.0.0 < 11.5.20 / 12.0.0 < 12.1.1 (TYPO3-CORE-SA-2022-015)
The version of TYPO3 installed on the remote host is prior to 8.0.0 8.7.49 ELTS / 9.0.0 9.5.38 ELTS / 10.0.0 10.4.33 / 11.0.0 11.5.20 / 12.0.0 12.1.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2022-015 advisory. - Due to the lack of separating user-submitted...
GHSA-6VFQ-JMXG-G58R Shopware contains sensitive data in backend customer module
Impact The request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID. Patches We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly via the Auto-Updater or directly via the...
@backstage-community/plugin-techdocs-backend-module-confluence (>=0.2.0 <=0.2.1), @backstage/plugin-search-backend-module-techdocs (>=0.0.0-nightly-20230323021924 <=0.4.15-next.0) +13 more potentially affected by unknown CVE via @backstage/plugin-techdocs-node (>=0.0.0-nightly-20220315022536 <=1.1.2-next.2)
@backstage/plugin-techdocs-node NPM version =0.0.0-nightly-20220315022536, =0.2.0, =0.0.0-nightly-20230323021924, =0.0.0-nightly-202111212297, =0.0.0-nightly-20220305022735, =1.0.0, =1.0.1, =1.6.0, =0.0.4, =1.9.1, =1.0.1, =1.0.1, =0.0.0-nightly-2022122206, =0.1.5, =0.1.2, =1.1.0 Source cves:...
CVE-2022-31048
TYPO3’s Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user with access to the Form module can exploit it. Affected TYPO3 versions prior to the fixes are 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11. The problem is fixed in those releas...
CVE-2022-31048 Cross-Site Scripting in Form Framework
TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit...
GHSA-RCGC-4XFC-564V TYPO3 Insecure Deserialization in Query Generator & Query View
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel Backend Module: DB...
GHSA-J2W4-45QM-R674 direct_mail for Typo3 sensitive data exposure
The directmail aka Direct Mail extension through 5.2.2 for TYPO3 has a missing access check in the backend module, allowing a user with restricted permissions to the feusers table to view and export data of frontend users who are subscribed to a newsletter...
GHSA-733V-22MG-7F8W TYPO3 Cross-site Scripting vulnerability in the file backend module
Cross-site scripting XSS vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...
TYPO3 Cross-site Scripting vulnerability in the file backend module
Cross-site scripting XSS vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...