CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use. More specifically, the reader is known as PDF reader - documents viewer, package name com.document.pdf.viewer. As a result, this aggressive behavior lands...

0.1AI score

Exploits0

CNVD•added 2017/07/20 12:0 a.m.•1 views

TYPO3 Content Rating Extbase Extension SQL Injection Vulnerability

TYPO3 is a content management system based on PHP4/PHP5+MYsql. TYPO3 Content Rating Extbase Extension suffers from a SQL injection vulnerability due to the program's failure to adequately filter user-supplied data before it is used in SQL queries. An attacker can exploit the vulnerability to...

8AI score

Exploits0References1

Typo3•added 2017/07/11 12:0 a.m.•511 views

SQL Injection in extension "Content Rating Extbase" (content_rating_extbase)

It has been discovered that the extension "Content Rating Extbase" contentratingextbase is susceptible to SQL Injection. Release Date: July 11, 2017 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 2.0.3 and below...

7.3AI score

Exploits0Affected Software1

NVD•added 2015/02/03 4:59 p.m.•7 views

CVE-2015-1405

SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.00517EPSS

Exploits0References4

NVD•added 2015/02/03 4:59 p.m.•12 views

CVE-2015-1404

Cross-site scripting XSS vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00285EPSS

Exploits0References4

NVD•added 2015/02/03 4:59 p.m.•8 views

CVE-2015-1403

SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.00397EPSS

Exploits0References4

NVD•added 2015/02/03 4:59 p.m.•6 views

CVE-2015-1402

Cross-site scripting XSS vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00285EPSS

Exploits0References4

Prion•added 2015/02/03 4:59 p.m.•10 views

Sql injection

SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.00517EPSS

Exploits0References4Affected Software1

Prion•added 2015/02/03 4:59 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00285EPSS

Exploits0References4Affected Software1

Prion•added 2015/02/03 4:59 p.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.00285EPSS

Exploits0References4Affected Software1

Prion•added 2015/02/03 4:59 p.m.•11 views

Sql injection

SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.00397EPSS

Exploits0References4Affected Software1

Cvelist•added 2015/02/03 4:0 p.m.•16 views

CVE-2015-1402

Cross-site scripting XSS vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00285EPSS

Exploits0References4

CVE•added 2015/02/03 4:0 p.m.•41 views

CVE-2015-1404

TYPO3 Content Rating Extbase extension (content_rating_extbase) vulnerable: versions 2.0.3 and older are affected. Root cause is improper escaping of user input in HTML and SQL contexts, enabling Cross-Site Scripting (XSS) and SQL Injection as described in TYPO3 security bulletin TYPO3-EXT-SA-201...

4.3CVSS5.9AI score0.00285EPSS

Exploits0References4Affected Software1

CVE•added 2015/02/03 4:0 p.m.•30 views

CVE-2015-1402

CVE-2015-1402 affects the TYPO3 Content Rating extension (version 1.0.3 and earlier). The root cause is improper input handling, enabling cross-site scripting (XSS) via unspecified vectors and, per TYPO3 bulletins, potential SQL injection. Impact is listed as XSS with partial integrity exposure a...

4.3CVSS5.9AI score0.00285EPSS

Exploits0References4Affected Software1

CVE•added 2015/02/03 4:0 p.m.•34 views

CVE-2015-1405

CVE-2015-1405 affects the TYPO3 Content Rating Extbase extension (component: content_rating_extbase) for TYPO3, specifically versions 2.0.3 and earlier. The weakness is an SQL injection vulnerability that allows a remote attacker to execute arbitrary SQL commands via unspecified vectors. The rela...

7.5CVSS8.7AI score0.00517EPSS

Exploits0References4Affected Software1

Cvelist•added 2015/02/03 4:0 p.m.•14 views

CVE-2015-1405

SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.00517EPSS

Exploits0References4

Cvelist•added 2015/02/03 4:0 p.m.•16 views

CVE-2015-1404

Cross-site scripting XSS vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00285EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by