19 matches found
EUVD-2015-2387
Malware in sbrugna...
EUVD-2022-5107
Malicious code in bioql PyPI...
EUVD-2022-2510
Malicious code in bioql PyPI...
CVE-2015-8758
Multiple cross-site scripting XSS vulnerabilities in unspecified frontend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...
CVE-2015-8756
Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...
SUSE CVE-2013-7073
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters...
GHSA-XX7M-8RQ2-CW2V TYPO3 CMS indexed search Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the search result view in the Indexed Search indexedsearch component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors...
CVE-2022-26846
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code...
Unauthorized Workspace Modification
typo3/neos is vulnerable to unauthorized workspace modification. Remote editors can access, create and modify content nodes in other editor's workspaces...
CVE-2015-8755
Multiple cross-site scripting XSS vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors...
CVE-2015-4713
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php...
Sql injection
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php...
CVE-2015-4713
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php...
CVE-2015-4613
SQL injection vulnerability in the backend module in the Developer Log devlog extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in the backend module in the Developer Log devlog extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors...
Unspecified Security Bypass Vulnerability in TYPO3
TYPO3 is a content management system. TYPO3 has a security vulnerability that allows remote editors to bypass security restrictions and access, modify, and create content for other editors...
CVE-2015-2821
TYPO3 Neos is affected: versions 1.1.x before 1.1.3 and 1.2.x before 1.2.3 allow remote editors to access, create, and modify content nodes in other editors’ workspaces via unspecified vectors. The connected docs confirm the affected versions and the nature of the access, but do not provide the r...
CVE-2012-6146
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL...
UBUNTU-CVE-2013-7073
The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 does not check permissions, which allows remote authenticated editors to read arbitrary TYPO3 table columns via unspecified parameters...