Lucene search
K

7 matches found

Typo3
Typo3
added 2014/12/15 12:0 a.m.49 views

Multiple vulnerabilities in BibTex Publications (si_bibtex)

It has been discovered that the extension "BibTex Publications" sibibtex is susceptible to Cross-Site Scripting and SQL Injection. Release Date: December 15, 2014 Bulletin Update: January 9, 2015 added CVEs Component Type: Third party extension. This extension is not a part of the TYPO3 default...

7.5CVSS6.2AI score0.0126EPSS
Exploits0Affected Software1
NVD
NVD
added 2014/05/16 2:55 p.m.18 views

CVE-2014-3759

Multiple SQL injection vulnerabilities in the BibTex Publications sibibtex extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the 1 search or 2 list functionality...

7.5CVSS8.5AI score0.0126EPSS
Exploits0References4
NVD
NVD
added 2014/05/16 2:55 p.m.17 views

CVE-2014-3758

Cross-site scripting XSS vulnerability in the BibTex Publications sibibtex extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality...

4.3CVSS5.6AI score0.01161EPSS
Exploits0References4
Prion
Prion
added 2014/05/16 2:55 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in the BibTex Publications sibibtex extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the 1 search or 2 list functionality...

7.5CVSS9.2AI score0.0126EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/05/16 2:0 p.m.47 views

CVE-2014-3758

The CVE refers to a Cross-Site Scripting (XSS) vulnerability in the TYPO3 extension BibTex Publications (si_bibtex) version 0.2.3, exposed through the import functionality. The TYPO3 security bulletin TYPO3-EXT-SA-2014-020 documents affected versions (0.2.3 and below) and lists XSS (alongside SQL...

4.3CVSS5.8AI score0.01161EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/05/16 2:0 p.m.34 views

CVE-2014-3759

CVE-2014-3759 refers to multiple SQL injection vulnerabilities in the TYPO3 extension BibTex Publications (si_bibtex) version 0.2.3. The root issue is improper handling/escaping of user input in the extension’s search and list functionality, allowing remote attackers to execute arbitrary SQL comm...

7.5CVSS8.7AI score0.0126EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/05/16 2:0 p.m.18 views

CVE-2014-3759

Multiple SQL injection vulnerabilities in the BibTex Publications sibibtex extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the 1 search or 2 list functionality...

8.5AI score0.0126EPSS
Exploits0References4
Rows per page
Query Builder