29 matches found
EUVD-2021-1024
Malware in sbrugna...
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
The jumpUrl aka access tracking implementation in tslib/class.tslibfe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified...
GHSA-W736-QV86-VQ94 TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
The jumpUrl aka access tracking implementation in tslib/class.tslibfe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified...
Typo3 Backend XSS Vulnerability
An Information Disclosure vulnerability in jumpUrl mechanism, used to track access on web pages and provided files, allows a remote attacker to read arbitrary files on a host. The expected value of a mandatory hash secret, intended to invalidate such requests, is exposed to remote users allowing...
GHSA-JG55-3Q6H-2CCF Typo3 Backend XSS Vulnerability
An Information Disclosure vulnerability in jumpUrl mechanism, used to track access on web pages and provided files, allows a remote attacker to read arbitrary files on a host. The expected value of a mandatory hash secret, intended to invalidate such requests, is exposed to remote users allowing...
Open Redirection
directmailteam/direct-mail is vulnerable to open redirection. The package does not sanitize jumpUrl, allowing an attacker to redirect users to a malicious site...
GHSA-952M-M83C-3XM6 Open redirect in direct_mail
The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...
CVE-2020-12699
The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...
Open redirect
The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...
CVE-2020-12699
The directmail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl...
CVE-2020-12699
The CVE-2020-12699 entry concerns the TYPO3 Direct Mail (direct_mail) extension up to version 5.2.3, where the jumpUrl parameter is not sanitized, enabling an Open Redirect. This conclusion is supported by multiple connected sources (Veracode, GHSA/OSV, CVE records) describing an Open Redirect vi...
TYPO3 Direct Mail Component Input Validation Error Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF from the TYPO3 Association in Switzerland. Direct Mail is an email marketing extension plugin used in it. A security vulnerability exists in the Direct Mail component of TYPO3 5.2.3 and earlier versions, which stems from...
TYPO3 Injection Vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. An injection vulnerability exists in jumpurl in TYPO3, which stems from the program's failure to process user input and can be exploited by an attacker to inject headers...
CVE-2010-3668
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header Injection in the secure download feature jumpurl...
CVE-2010-3668
TYPO3 core vulnerability CVE-2010-3668: header injection in the secure download feature (jumpurl) affects TYPO3 releases 4.0?–4.1.x up to 4.1.14, 4.2.x up to 4.2.13, 4.3.x up to 4.3.4 and 4.4.x up to 4.4.1. Root cause: improper handling of user input in jumpurl leads to header injection. Impact: ...
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApplicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit
No description provided by source. EMC multiple products KeyWorks KeyHelp Module keyhelp.ocx 1.2.312 remote buffer overflow exploit ie8 xp sp3 by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ tested products: EMC Captiva QuickScan Pro 4.6 sp1 EMC Documentum...
CVE-2010-3714
The jumpUrl aka access tracking implementation in tslib/class.tslibfe.php in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified...
CVE-2010-3714
TYPO3 SA/remote file disclosure due to a non-typesafe jumpUrl hash comparison in tslib/class.tslib_fe.php affects TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4. An attacker can exploit this to read arbitrary files via unspecified vectors. The issue is documented as CVE-201...
EMC Captiva QuickScan Pro KeyHelp ActiveX Control JumpURL buffer overflow
Added: 10/02/2009 BID: 36546 OSVDB: 58423 Background EMC Captiva QuickScan Pro is a document capture solution. It includes KeyHelp, a free ActiveX control used for enhancing HTML help systems. Problem A buffer overflow vulnerability in the KeyHelp ActiveX Control allows command execution when a...
EMC Captiva QuickScan Pro KeyHelp ActiveX Control JumpURL buffer overflow
Added: 10/02/2009 BID: 36546 OSVDB: 58423 Background EMC Captiva QuickScan Pro is a document capture solution. It includes KeyHelp, a free ActiveX control used for enhancing HTML help systems. Problem A buffer overflow vulnerability in the KeyHelp ActiveX Control allows command execution when a...