Lucene search

K

Kennziffer Security Vulnerabilities

cve
cve

CVE-2013-5302

SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

8.7AI Score

0.004EPSS

2013-08-16 05:55 PM
16
cve
cve

CVE-2013-5307

Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.9AI Score

0.003EPSS

2013-08-16 05:55 PM
27
cve
cve

CVE-2014-6235

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.

7.7AI Score

0.583EPSS

2014-09-11 02:16 PM
34
cve
cve

CVE-2014-6293

SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014.

8.7AI Score

0.002EPSS

2014-10-03 02:55 PM
19
cve
cve

CVE-2014-8874

The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.

6.2AI Score

0.003EPSS

2014-12-02 04:59 PM
26