10 matches found
CVE-2010-0330
SQL injection vulnerability in the Googlemaps for ttnews jfeasymaps extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
EUVD-2010-3656
Malware in sbrugna...
EUVD-2010-1045
Malware in sbrugna...
EUVD-2022-1704
Malicious code in bioql PyPI...
EUVD-2023-0740
Malicious code in bioql PyPI...
EUVD-2022-6705
Malicious code in bioql PyPI...
CVE-2010-1019
SQL injection vulnerability in the Simple Gallery sksimplegallery extension 0.0.9 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2019-19849
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the classes QueryGenerator and QueryView are vulnerable to insecure deserialization. One exploitable scenario requires having the system extension ext:lowlevel Backend Module: DB...
TYPO3 Information Disclosure via Exception Handling/Logger
Problem It has been discovered that the install tool password has been logged as plaintext in case the password hashing mechanism used for the password was incorrect. Solution Update to TYPO3 versions 13.4.3 LTS that fixes the problem described. Credits Thanks to TYPO3 core & security team member...
CVE-2022-23502 TYPO3 contains Insufficient Session Expiration after Password Reset
TYPO3 is an open source PHP based web content management system. In versions prior to 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both...