29 matches found
EUVD-2022-4501
Malicious code in bioql PyPI...
EUVD-2022-3022
Malicious code in bioql PyPI...
EUVD-2022-4984
Malicious code in bioql PyPI...
GHSA-M64J-J252-JXMR TYPO3 SQL injection vulnerability in the Extbase Framework
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...
TYPO3 SQL injection vulnerability in the Extbase Framework
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...
TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
GHSA-QJ69-CHJP-G4F5 TYPO3 Cross-site scripting (XSS) vulnerability in the Extbase Framework
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
PT-2021-14439 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 8.7.40 TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The issue arises from the lack of ensuring file extensions belong to configured allowed mime-types,...
CVE-2014-3946
The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors...
CVE-2014-3946
The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors...
CVE-2014-3946
The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 before 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors...
CVE-2014-3946
The CVE-2014-3946 issue affects TYPO3’s Extbase Framework component, specifically TYPO3 6.2.0 before 6.2.3. The vulnerability arises from improper validation of group permissions within the query caching functionality, enabling remote authenticated users to read arbitrary queries via unspecified ...
CVE-2013-7078
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
Cross site scripting
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
UBUNTU-CVE-2013-7078
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
CVE-2013-7078
Cross-site scripting XSS vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6, when the Rewritten Property Mapper is enabled, allows remote attackers t...
CVE-2013-7078
TYPO3 Extbase Framework XSS (CVE-2013-7078) affects errorAction in ActionController base class. Vulnerable in TYPO3 versions 4.5.0–4.5.31, 4.7.0–4.7.16, 6.0.0–6.0.11, and 6.1.0–6.1.6 when the Rewritten Property Mapper is enabled. The vulnerability allows remote attackers to inject arbitrary scrip...
TYPO3 Multiple Vulnerabilities (Dec 2013)
TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...
TYPO3 Multiple Vulnerabilities (Mar 2013)
TYPO3 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; ifdescription...
Sql injection
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...