Lucene search
+L

29 matches found

Typo3
Typo3
added 2020/07/28 12:0 a.m.35 views

Sensitive Information Disclosure in extension "Media Content Element" (mediace)

It has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic message authentication code HMAC-SHA1 and can lead to various attack chains as described below...

7.5CVSS3.3AI score0.02721EPSS
Exploits2Affected Software1
Friends Of PHP
Friends Of PHP
added 2020/07/16 7:31 a.m.35 views

Sensitive Information Disclosure in extension "Media Content Element" (mediace)

More info at https://typo3.org/security/advisory/typo3-ext-sa-2020-014...

9.8CVSS7.2AI score0.02721EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2014/01/06 12:0 a.m.30 views

TYPO3 Multiple Vulnerabilities (Dec 2013)

TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...

6.5CVSS6.3AI score0.0164EPSS
Exploits0References8
NVD
NVD
added 2013/12/23 11:55 p.m.41 views

CVE-2013-7081

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9CVSS6.2AI score0.01017EPSS
Exploits0References3
Prion
Prion
added 2013/12/23 11:55 p.m.20 views

Design/Logic Flaw

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9CVSS6.7AI score0.01017EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/12/23 11:55 p.m.43 views

CVE-2013-7081

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9CVSS5.9AI score0.01017EPSS
Exploits0References2
OSV
OSV
added 2013/12/23 11:55 p.m.2 views

UBUNTU-CVE-2013-7081

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

4.9CVSS5.9AI score0.01017EPSS
Exploits0References3
CVE
CVE
added 2013/12/23 11:0 p.m.66 views

CVE-2013-7081

CVE-2013-7081 affects the TYPO3 Form Content Element in TYPO3 releases 4.5.0–4.5.31, 4.7.0–4.7.16, 6.0.0–6.0.11, and 6.1.0–6.1.6. The issue allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors. Root cause is tied...

4.9CVSS6.3AI score0.01017EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/12/23 11:0 p.m.39 views

CVE-2013-7081

The old Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restrictions via unspecified vectors...

6.2AI score0.01017EPSS
Exploits0References3
Rows per page
Query Builder