Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Veracode
Veracodeadded 2020/08/03 6:13 a.m.22 views

Remote Code Execution

friendsoftypo3/mediace is vulnerable to remote code execution. An attacker who has access to Extbase plugin or module action within a TYPO3 installation is able to execute arbitrary code by injecting arbitrary data with a valid cryptographic MAC. The vulnerability exists due to an insecure intern...

9.8CVSS4.1AI score0.03678EPSS
Exploits1References4Affected Software1
Veracode
Veracodeadded 2020/07/30 4:30 a.m.37 views

Remote Code Execution (RCE)

typo3/cms is vulnerable to insecure cryptography. During installation with mediace extension, the vulnerability exists because it was possible to generate arbitrary checksums that allows the injection of arbitrary data, allowing an attacker with at least one Extbase plugin or module action to...

9.8CVSS5.6AI score0.03678EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2020/07/29 5:15 p.m.15 views

CVE-2020-15086

In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. The allows to inject arbitrary data having a valid cryptographic message authentication code...

9.8CVSS9.7AI score
Exploits0References3
Rows per page
Query Builder