
29 matches found

NVD
added 2026/05/19 10:16 a.m., 12 views

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS, 0.03271 EPSS
Exploits: 1, References: 1

ATTACKERKB
added 2026/05/19 9:25 a.m., 8 views

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS, 5.8 AI score, 0.03271 EPSS
Exploits: 1, References: 2, Affected Software: 1

CVE
added 2026/05/19 9:25 a.m., 17 views

CVE-2026-46725

The CVE-2026-46725 vulnerability affects the TYPO3 extension Content Element Selector (ceselector). The issue arises when an attacker-controlled cookie is passed directly to PHP unserialize() without safe input handling, enabling PHP Object Injection that can lead to Remote Code Execution on the ...

9.2 CVSS, 5.8 AI score, 0.03271 EPSS
Exploits: 1, References: 1

Cvelist
added 2026/05/19 9:25 a.m., 36 views

CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector)

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS, 0.03271 EPSS
Exploits: 1, References: 1

Vulnrichment
added 2026/05/19 9:25 a.m., 8 views

CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector)

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2 CVSS, 5.8 AI score, 0.03271 EPSS
Exploits: 1, References: 1

CNNVD
added 2026/05/19 12:00 a.m., 9 views

TYPO3 Extension Content Element Selector code issue vulnerability

TYPO3 Extension Content Element Selector is an open-source extension for TYPO3 that allows users to select content elements. This extension has a code vulnerability that stems from the extension directly passing cookies controlled by the attacker to PHP's unserialize function without proper...

9.2 CVSS, 6.1 AI score, 0.03271 EPSS
Exploits: 1, References: 1

Friends Of PHP
added 2026/04/07 10:50 a.m., 9 views

TYPO3-EXT-SA-2026-013: Remote Code Execution in extension "Content Element Selector" (ceselector)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2026-013...

9.2 CVSS, 5.8 AI score, 0.03271 EPSS
Exploits: 1, Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-1272

Malware in sbrugna...

4.9 CVSS, 4.9 AI score, 0.00287 EPSS
Exploits: 3, References: 8

Github Security Blog
added 2024/06/03 7:41 p.m., 13 views

TYPO3 Cross-Site Scripting in legacy form component

Failing to sanitize content from editors, the legacy form component is susceptible to Cross-Site Scripting. A valid editor account with access to a form content element is required to exploit this vulnerability...

7 AI score
Exploits: 0, References: 4, Affected Software: 1

Github Security Blog
added 2022/05/17 4:54 a.m., 20 views

TYPO3 Improper Access Control vulnerability

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9 CVSS, 6.8 AI score, 0.00171 EPSS
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2022/05/17 4:54 a.m., 21 views

GHSA-R674-MC9P-HVW5 TYPO3 Improper Access Control vulnerability

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9 CVSS, 6 AI score, 0.00171 EPSS
Exploits: 0, References: 5

OSV
added 2022/04/21 1:57 a.m., 23 views

GHSA-48WW-8H7G-4HWQ TYPO3 is vulnerable to Spam Abuse in the native form content element

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. An attacker could abuse the form to send mails to arbitrary email addresses...

5.3 CVSS, 5.5 AI score, 0.00316 EPSS
Exploits: 0, References: 9

OSV
added 2022/02/19 4:15 a.m., 3 views

CVE-2022-24979

An issue was discovered in the Varnishcache extension before 2.0.1 for TYPO3. The Edge Site Includes (ESI) content element renderer component does not include an access check. This allows an unauthenticated user to render various content elements, resulting in insecure direct object reference (IDOR),...

5.3 CVSS, 5.8 AI score
Exploits: 0, References: 2

CNNVD
added 2022/02/15 12:00 a.m., 3 views

Varnishcache information disclosure vulnerability

Varnishcache is a high-performance HTTP accelerator. An information disclosure vulnerability exists in Varnishcache, which arises from an object not being securely referenced by the content element renderer component included in the product edge site. A remote attacker could expose internal content...

5.3 CVSS, 5.8 AI score, 0.00226 EPSS
Exploits: 0, References: 5

Github Security Blog
added 2021/06/08 8:12 p.m., 59 views

SQL Injection in t3/dce

The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

4.9 CVSS, 5.3 AI score, 0.00287 EPSS
Exploits: 3, References: 7, Affected Software: 1

OSV
added 2021/04/28 7:15 a.m., 1 view

CVE-2021-31777

The dce (aka Dynamic Content Element) extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

4.9 CVSS, 5.8 AI score, 0.00287 EPSS
Exploits: 3, References: 4

CVE
added 2021/04/28 6:24 a.m., 100 views

CVE-2021-31777

The TYPO3 Dynamic Content Element (dce) extension vulnerabilities (versions 2.2.0–2.6.x before 2.6.2 and 2.7.x before 2.7.1) allow an SQL Injection via a backend user account. This is confirmed across multiple sources (CVE-2021-31777). A sample exploit exists in public write-ups (e.g., packetstor...

4.9 CVSS, 5.7 AI score, 0.00287 EPSS
Exploits: 3, References: 4, Affected Software: 1

CNNVD
added 2021/04/27 12:00 a.m., 3 views

TYPO3 Dynamic Content Element SQL injection vulnerability

TYPO3 Dynamic Content Element is a mobile application from the Swiss company TYPO3. TYPO3 Dynamic Content Element has a SQL injection vulnerability, which stems from insufficient filtering of user-supplied data and can be exploited by attackers to inject SQL to obtain data-sensitive information...

4.9 CVSS, 5.8 AI score, 0.00287 EPSS
Exploits: 3, References: 7

Typo3
added 2021/04/27 12:00 a.m., 66 views

SQL Injection in extension "Dynamic Content Element" (dce)

The extension fails to properly sanitize user input and is susceptible to SQL Injection. A TYPO3 backend user account is required to exploit the vulnerability...

4 CVSS, 2.8 AI score, 0.00287 EPSS
Exploits: 3, Affected Software: 1

Positive Technologies
added 2021/03/23 12:00 a.m., 3 views

PT-2021-14453 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 7.6.51; TYPO3 versions prior to 8.7.40; TYPO3 versions prior to 9.5.25; TYPO3 versions prior to 10.4.14; TYPO3 versions prior to 11.1.1. Description: The issue concerns content elements of type menu being vulnerable to...

5.4 CVSS, 5 AI score, 0.00342 EPSS
Exploits: 0, References: 12