CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Veracode•added 2020/08/03 6:29 a.m.•22 views

Information Disclosure

typo3/cms is vulnerable to information disclosure. An insecure internal verification mechanism can be used to generate arbitrary checksums and allows an attacker to inject arbitrary data having a valid cryptographic message authentication code HMAC-SHA1, resulting in disclosure of confidential...

8.8CVSS8.3AI score0.02358EPSS

Exploits0References5Affected Software2

NVD•added 2020/07/29 5:15 p.m.•10 views

CVE-2020-15098

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.20, and greater than or equal to 10.0.0 and less than 10.4.6, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic...

8.8CVSS9.1AI score0.02358EPSS

Exploits0References4

Typo3•added 2020/07/28 12:0 a.m.•34 views

Sensitive Information Disclosure

It has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic message authentication code HMAC-SHA1 and can lead to various attack chains as described below...

6.8CVSS3.2AI score0.02369EPSS

Exploits1Affected Software1

Typo3•added 2020/07/28 12:0 a.m.•39 views

Critical vulnerability in legacy versions of TYPO3 CMS

7.5CVSS4.6AI score0.03678EPSS

Exploits2Affected Software1