Lucene search
K

8 matches found

OSV
OSV
added 2022/05/17 1:37 a.m.17 views

GHSA-QMMW-CH2Q-J6XX Typo3 Backend API XSS Vulnerability

Cross-site scripting XSS vulnerability in the tree render API TCA-Tree in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5AI score0.01823EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2018/04/03 3:15 p.m.15 views

titus.de XSS vulnerability

Open Bug Bounty ID: OBB-596268 Description| Value ---|--- Affected Website:| titus.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| TYPO3 4.7 Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.1AI score
Exploits0
NVD
NVD
added 2013/12/21 12:55 a.m.25 views

CVE-2013-7076

Cross-site scripting XSS vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01355EPSS
Exploits0References7
Prion
Prion
added 2013/12/21 12:55 a.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01355EPSS
Exploits0References7Affected Software1
UbuntuCve
UbuntuCve
added 2013/03/20 3:55 p.m.29 views

CVE-2013-1843

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.4CVSS6AI score0.02418EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/03/20 3:55 p.m.30 views

CVE-2013-1842

SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Query Object Model and relation values."...

7.5CVSS6.2AI score0.03121EPSS
Exploits0References1
Cvelist
Cvelist
added 2012/09/05 11:0 p.m.36 views

CVE-2012-3527

viewhelp.php in the backend help system in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to unserialize arbitrary objects and possibly execute arbitrary PHP code via an unspecified parameter, related to a "missing signature HMAC."...

7AI score0.0212EPSS
Exploits0References6
NVD
NVD
added 2012/02/18 12:55 a.m.21 views

CVE-2011-4614

PHP remote file inclusion vulnerability in Classes/Controller/AbstractController.php in the workspaces system extension in TYPO3 4.5.x before 4.5.9, 4.6.x before 4.6.2, and development versions of 4.7 allows remote attackers to execute arbitrary PHP code via a URL in the BACKPATH parameter...

6.8CVSS7.4AI score0.0563EPSS
Exploits1References5
Rows per page
Query Builder