10 matches found
CVE-2008-4903
Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...
CVE-2008-4905
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...
CVE-2008-4905
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...
Hardcoded credentials
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...
CVE-2008-4903
Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...
Sql injection
SQL injection vulnerability in the "Manage pages" feature admin/pages in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the searchpublishedat parameter...
CVE-2008-4904
SQL injection vulnerability in the "Manage pages" feature admin/pages in Typo 5.1.3 and earlier allows remote authenticated users with "blog publisher" rights to execute arbitrary SQL commands via the searchpublishedat parameter...
CVE-2008-4905
CVE-2008-4905 affects Typo (versions 5.1.3 and earlier) and is caused by a hard-coded salt used to hash passwords. This weakens brute-force resistance, making password guessing easier for attackers. Connected sources (NVD, UBUNTU, CVE listings) confirm the condition, but none provide a concrete f...
CVE-2008-4905
Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...
CVE-2008-4903
Cross-site scripting XSS vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 commentauthor Name and 2 commenturl Website parameters...