CVE-2021-31777

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

DCE extension for Typo3 Discloses Environment Information

The default configuration in the Dynamic Content Elements dce extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the update check request...

GHSA-5V5H-4W2G-GXXC SQL Injection in t3/dce

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

CVE-2021-31777

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

Sql injection

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

CVE-2021-31777

The dce aka Dynamic Content Element extension 2.2.0 through 2.6.x before 2.6.2, and 2.7.x before 2.7.1, for TYPO3 allows SQL Injection via a backend user account...

CVE-2014-8328

The CVE-2014-8328 issue affects the TYPO3 Dynamic Content Elements (dce) extension prior to version 0.11.5. The vulnerability arises from the extension’s update check functionality, which could disclose sensitive installation environment information to remote attackers. The in-scope detail confir...