12 matches found
EUVD-2014-6183
Malware in sbrugna...
EUVD-2014-6184
Malware in sbrugna...
EUVD-2014-6182
Malware in sbrugna...
EUVD-2010-1248
Malware in sbrugna...
CVE-2020-15516
The mmforum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF...
TYPO3 mm_forum extension cross-site request forgery vulnerability
TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Association. mmforum extension is one of the forum extensions. A cross-site request forgery vulnerability exists in TYPO3 mmforum extension 1.9.5 and earlier versions. The vulnerability stems from a WEB...
CVE-2014-6299
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
CVE-2014-6298
Unrestricted file upload vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...
Unrestricted file upload
Unrestricted file upload vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via unspecified vectors...
CVE-2014-6299
The CVE-2014-6299 entry concerns the TYPO3 extension mm_forum. A CSRF vulnerability existed in mm_forum up to version 1.9.2 that allowed remote attackers to hijack user authentication for requests that create posts. The TYPO3 security bulletin (TYPO3-EXT-SA-2014-001) confirms this class of vulner...
CVE-2014-6298
Unrestricted file upload vulnerability in the mmforum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors...