30 matches found
EUVD-2014-6183
Malware in sbrugna...
EUVD-2010-1248
Malware in sbrugna...
EUVD-2014-6182
Malware in sbrugna...
EUVD-2020-7505
Malware in sbrugna...
EUVD-2014-6184
Malware in sbrugna...
CVE-2020-15516
The mmforum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF...
TYPO3 mm_forum extension cross-site request forgery vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. mmforum extension is one of the forum extensions. A cross-site request forgery vulnerability exists in TYPO3 mmforum extension 1.9.5 and earlier versions. The vulnerability stems from a WEB...
CVE-2020-15516
The mmforum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF...
Cross site request forgery (csrf)
The mmforum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF...
CVE-2020-15516
The mmforum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF...
CVE-2020-15516
The CVE-2020-15516 issue affects the TYPO3 mm_forum extension up to version 1.9.5. The connected documents describe a cross-site scripting vulnerability that can be exploited via cross-site request forgery (CSRF) due to improper input encoding in HTML output and missing CSRF protection for the up...
Multiple vulnerabilities in extension "mm_forum" (mm_forum)
The extension fails to properly encode user input for output in HTML context. Also the extension fails to implement a CSRF protection for update profile plugin...
CVE-2014-6297
Cross-site scripting XSS vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-6298
Unrestricted file upload vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...
CVE-2014-6299
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
Unrestricted file upload
Unrestricted file upload vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
CVE-2014-6299
The CVE-2014-6299 entry concerns the TYPO3 extension mm_forum. A CSRF vulnerability existed in mm_forum up to version 1.9.2 that allowed remote attackers to hijack user authentication for requests that create posts. The TYPO3 security bulletin (TYPO3-EXT-SA-2014-001) confirms this class of vulner...
CVE-2014-6299
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
CVE-2014-6297
The CVE-2014-6297 entry corresponds to a Cross‑site Scripting (XSS) vulnerability in the TYPO3 mm_forum extension prior to 1.9.3. The issue affects TYPO3 installations using mm_forum version ≤ 1.9.2 and is caused by insufficient input sanitization, allowing remote attackers to inject arbitrary we...