Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/03/17 12:0 a.m.44 views

FreeBSD : typo3-{11,12} -- multiple vulnerabilities (1ad3d264-e36b-11ee-9c27-40b034429ecf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 1ad3d264-e36b-11ee-9c27-40b034429ecf advisory. - In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrat...

7.2CVSS6AI score0.02017EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.18 views

TYPO3 8.0.0 < 8.7.57 ELTS / 9.0.0 < 9.5.46 ELTS / 10.0.0 < 10.4.43 ELTS / 11.0.0 < 11.5.35 / 12.0.0 < 12.4.11 / 13.0.1 (TYPO3-CORE-SA-2024-001)

The version of TYPO3 installed on the remote host is prior to 8.0.0 8.7.57 ELTS / 9.0.0 9.5.46 ELTS / 10.0.0 10.4.43 ELTS / 11.0.0 11.5.35 / 12.0.0 12.4.11 / 13.0.1. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2024-001 advisory. - In TYPO3 11.5.24, the filelis...

4.9CVSS5.6AI score0.01161EPSS
Exploits3References2
FreeBSD
FreeBSD
added 2024/02/13 12:0 a.m.38 views

typo3-{11,12} -- multiple vulnerabilities

Typo3 developers reports: All versions are security releases and contain important security fixes - read the corresponding security advisories here: Path Traversal in TYPO3 File Abstraction Layer Storages CVE-2023-30451 Code Execution in TYPO3 Install Tool CVE-2024-22188 Information Disclosure of...

7.2CVSS7.1AI score0.02017EPSS
Exploits3References1
ATTACKERKB
ATTACKERKB
added 2023/12/25 5:15 a.m.1 views

CVE-2023-30451

In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrator panel to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in datasysfilestoragedatasDEFlDEFbasePathvDEF...

4.9CVSS6.1AI score0.01161EPSS
Exploits3References2
OSV
OSV
added 2023/12/25 12:0 a.m.5 views

CVE-2023-30451

In TYPO3 11.5.24, the filelist component allows attackers who have access to the administrator panel to read arbitrary files via directory traversal in the baseuri field, as demonstrated by POST /typo3/record/edit with ../../../ in datasysfilestoragedatasDEFlDEFbasePathvDEF...

4.9CVSS5AI score0.01161EPSS
Exploits3References3
CVE
CVE
added 2023/12/25 12:0 a.m.78 views

CVE-2023-30451

Summary: CVE-2023-30451 affects TYPO3 11.5.24, where the Filelist component allows an authenticated administrator to read arbitrary files via directory traversal in the baseuri field, demonstrated by POST /typo3/record/edit using ../../../ in data[sys_file_storage][data][sDEF][lDEF][basePath][vDE...

4.9CVSS4.9AI score0.01161EPSS
Exploits3References1Affected Software1
Packet Storm
Packet Storm
added 2023/12/20 12:0 a.m.429 views

TYPO3 11.5.24 Path Traversal

Exploit Title: TYPO3 11.5.24 Path Traversal Vulnerability Authenticated Date: Apr 9, 2023 Exploit Author: Saeed reza Zamanian Software Link: https://get.typo3.org/release-notes/11.5.24 Version: 11.5.24 Tested on: Kali 2022.3 CVE : CVE-2023-30451 In TYPO3 11.5.24, the filelist component allows...

7.4AI score0.01161EPSS
Exploits3
Rows per page
Query Builder