Lucene search
K

27 matches found

Typo3
Typo3
added 2017/09/05 12:0 a.m.498 views

Information Disclosure in TYPO3 CMS

It has been discovered, that TYPO3 CMS is susceptible to Information Disclosure. Component Type: TYPO3 CMS Release Date: September 5, 2017 Vulnerability Type: Information Disclosure Affected Versions: 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 Severity: Low Suggested CVSS v2.0:...

7AI score
Exploits0Affected Software1
Typo3
Typo3
added 2017/09/05 12:0 a.m.495 views

Cross-Site Scripting in TYPO3 CMS Backend

It has been discovered, that TYPO3 CMS is vulnerable to Cross-Site Scripting. Component Type: TYPO3 CMS Release Date: September 5, 2017 Vulnerability Type: Cross-Site Scripting Affected Versions: 8.0.0 to 8.7.4 Severity: Low Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:P/I:P/A:N/E:F/RL:OF/RC:C CVE: not...

6.9AI score
Exploits0Affected Software1
Typo3
Typo3
added 2017/01/03 12:0 a.m.610 views

Remote Code Execution in third party library swiftmailer

It has been discovered, that the third party package swiftmailer/swiftmailer is vulnerable to Remote Code Execution Component Type: TYPO3 CMS Release Date: January 3, 2017 Vulnerability Type: Remote Code Execution Affected Versions: 6.2.0 to 6.2.29, 7.6.0 to 7.6.14 and 8.0.0 to 8.5.0 Severity: Lo...

9.7AI score0.41827EPSS
Exploits18Affected Software1
Typo3
Typo3
added 2016/07/19 12:0 a.m.492 views

Insecure Unserialize in TYPO3 Import/Export

It has been discovered, that TYPO3 is susceptible to Insecure Unserialize. Component Type: TYPO3 CMS Release Date: July 19, 2016 Vulnerable subcomponent: Import/Export Vulnerability Type: Insecure Unserialize Affected Versions: Versions 6.2.0 to 6.2.25, 7.6.0 to 7.6.9 and 8.0.0 to 8.2.0 Severity:...

6.9AI score
Exploits0Affected Software1
Typo3
Typo3
added 2016/05/31 12:0 a.m.485 views

SQL Injection in extension "Browser - TYPO3 without PHP" (browser)

It has been discovered that the extension "Browser - TYPO3 without PHP" browser is susceptible to SQL Injection. Release Date: May 31, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 7.4.8 and below Vulnerabili...

7.3AI score
Exploits0Affected Software1
Typo3
Typo3
added 2016/02/23 12:0 a.m.23 views

Cross-Site Scripting in TYPO3 component CSS styled content

It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting. Component Type: TYPO3 CMS Release Date: February 23, 2016 Vulnerable subcomponent: CSS styled content Vulnerability Type: Cross-Site Scripting Affected Versions: Versions 6.2.0 to 6.2.18 and 7.6.0 to 7.6.3 Severity: Medium...

6.9AI score
Exploits0Affected Software1
Typo3
Typo3
added 2016/02/23 12:0 a.m.22 views

Denial of Service attack possibility in TYPO3 component Indexed Search

It has been discovered, that TYPO3 is susceptible to a Denial of Service attack. Component Type: TYPO3 CMS Release Date: February 23, 2016 Vulnerable subcomponent: Indexed Search Vulnerability Type: Denial of Service attack Affected Versions: Versions 6.2.0 to 6.2.18 and 7.6.0 to 7.6.3 Severity:...

7AI score
Exploits0Affected Software1
Typo3
Typo3
added 2016/02/23 12:0 a.m.22 views

XML External Entity (XXE) Processing in TYPO3 Core

It has been discovered, that TYPO3 is susceptible to XML External Entity Processing Component Type: TYPO3 CMS Release Date: February 23, 2016 Vulnerable subcomponent: TYPO3 CMS Vulnerability Type: XML External Entity Processing Affected Versions: Versions 6.2.0 to 6.2.18 and 7.6.0 to 7.6.3...

7AI score
Exploits0Affected Software1
Typo3
Typo3
added 2015/09/30 12:0 a.m.20 views

Information Disclosure in extension "Adminer" (t3adminer)

It has been discovered that the extension "Adminer" t3adminer is susceptible to Information Disclosure. Release Date: September 30, 2015 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: version 7.0.1 and below Vulnerability...

6.9AI score
Exploits0Affected Software1
Typo3
Typo3
added 2015/02/19 12:0 a.m.255 views

Authentication Bypass in TYPO3 CMS 4.5

It has been discovered that TYPO3 CMS 4.5.x is vulnerable to Authentication Bypass. Component Type: TYPO3 CMS Vulnerability Types: Authentication Bypass Overall Severity: Critical Release Date: February 19, 2015 Bulletin Update: February 23, 2015 added CVE Vulnerable subcomponent: rsaauth system...

2.6CVSS0.7AI score0.0152EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2015/01/09 12:0 a.m.142 views

Multiple vulnerabilities in Content Rating Extbase (content_rating_extbase)

It has been discovered that the extension "Content Rating Extbase" contentratingextbase is susceptible to Cross-Site Scripting and SQL Injection. Release Date: January 9, 2015 Bulletin Update: February 23, 2015 added CVEs Component Type: Third party extension. This extension is not a part of the...

7.5CVSS6.2AI score0.01262EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2014/12/08 12:0 a.m.120 views

Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension "phpMyAdmin" phpmyadmin is susceptible to Cross-Site Scripting, Denial of Service and Local File Inclusion. Release Date: December 8, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected...

6.5CVSS0.6AI score0.11055EPSS
Exploits6Affected Software1
Typo3
Typo3
added 2014/10/17 12:0 a.m.24 views

Information Disclosure vulnerability in Dynamic Content Elements (dce)

It has been discovered that the extension "Dynamic Content Elements" dce is susceptible to Information Disclosure. Release Date: October 17, 2014 Bulletin Update: October 18, 2014 added CVE Component Type: Third party extension. This extension is not a part of the TYPO3 default installation...

5.5AI score0.01583EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2014/04/10 12:0 a.m.136 views

Captcha Bypass in extension "powermail" (powermail)

It has been discovered that the extension "powermail" powermail is susceptible to Captcha Bypass Release Date: April 10, 2014 Bulletin update: September 18, 2014 added CVE Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions:...

7.5CVSS6.3AI score0.01912EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2014/01/28 12:0 a.m.19 views

Cross-Site Request Forgery Protection in TYPO3 CMS 6.2

TYPO3 CMS 6.2 will get CSRF Protection throughout all modules and parts that manipulate data. Component Type: TYPO3 CMS Vulnerability Types: Cross-Site Request Forgery CSRF Overall Severity: Low Release Date: January 31, 2014 Affected Versions: All versions below 6.2 CVE: Will be requested. Probl...

7.3AI score
Exploits0Affected Software1
Typo3
Typo3
added 2013/09/25 12:0 a.m.84 views

Several vulnerabilities in extension AWStats (cc_awstats)

It has been discovered that the extension "AWStats" ccawstats contains an unspecific vulnerability in the bundled AWStats version. Release Date: September 25, 2013 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version...

4.3CVSS6.1AI score0.05796EPSS
Exploits1Affected Software1
Typo3
Typo3
added 2013/09/25 12:0 a.m.27 views

SQL Injection vulnerability in extension RealURL: speaking paths for TYPO3 (realurl)

It has been discovered that the extension "RealURL: speaking paths for TYPO3" realurl is vulnerable to SQL-Injection. Release Date: September 25, 2013 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 1.12.6 and below...

7.7AI score
Exploits0Affected Software1
Typo3
Typo3
added 2012/04/17 12:0 a.m.100 views

Cross-Site Scripting Vulnerability in TYPO3 Core

It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting. Component Type: TYPO3 Core Affected Versions: 4.4.0 up to 4.4.14, 4.5.0 up to 4.5.14, 4.6.0 up to 4.6.7 and development releases of the 4.7 branch. Vulnerable subcomponent: Exception Handler Vulnerability Type: Cross-Si...

4.3CVSS0.2AI score0.01387EPSS
Exploits0Affected Software1
Typo3
Typo3
added 2011/09/14 12:0 a.m.14 views

Improper error handling could lead to cache flooding in TYPO3 Core

It has been discovered that TYPO3 is susceptible to Cache Flooding Component Type: TYPO3 Core Affected Versions: 4.2.0 - 4.2.17, 4.3.0 - 4.3.13, 4.4.0 - 4.4.10 and 4.5.0 - 4.5.5 Release Date: September 14, 2011 Vulnerable subcomponent: Caching System Vulnerability Type: Improper error handling...

6.8AI score
Exploits0Affected Software1
Typo3
Typo3
added 2011/08/25 12:0 a.m.63 views

Several Vulnerabilities in extension Formhandler (formhandler)

It has been discovered that the extension Formhandler formhandler is vulnerable to SQL-Injection and Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 0.9.14 and below Vulnerability Types: SQL...

6.9AI score
Exploits0Affected Software1
Rows per page
Query Builder