14 matches found
CVE-2009-4167
Unspecified vulnerability in the Automatic Base Tags for RealUrl ltbasetag extension 1.0.0 for TYPO3 allows remote attackers to conduct "Cache spoofing" attacks via unspecified vectors...
EUVD-2021-0720
Malware in sbrugna...
EUVD-2008-6426
Malware in sbrugna...
EUVD-2021-2058
Malware in sbrugna...
EUVD-2021-30487
Malicious code in bioql PyPI...
EUVD-2025-16028
Malicious code in bioql PyPI...
EUVD-2024-2850
Malicious code in bioql PyPI...
CVE-2025-9573 Command Injection in extension "TYPO3 Backup Plus" (ns_backup)
The nsbackup extension through 13.0.2 for TYPO3 allows command injection...
The Backup Plus extension for TYPO3 (ns_backup) allows XSS
The nsbackup extension through 13.0.0 for TYPO3 allows XSS...
CVE-2022-29600
The oelib aka One is Enough Library extension through 4.1.5 for TYPO3 allows SQL Injection...
GHSA-23FM-V895-3QXQ jh_captcha for Typo3 XSS Vulnerability
The jhcaptcha extension through 2.1.3, and 3.x through 3.0.2, for TYPO3 allows XSS...
GHSA-R3RW-H5V8-FF6H CoolURI extension for TYPO3 vulnerable to SQL Injection
SQL injection vulnerability in the CoolURI extension before 1.0.30 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
GHSA-XWQ4-2CWR-FV2Q fal_sftp extension for TYPO3 uses weak permissions for sFTP driver files and folders
The falsftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors...
PHPUnit extension for TYPO3 vulnerable to Cross-site Scripting
Cross-site scripting XSS vulnerability in the PHPUnit extension before 3.5.15 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...