Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
typo3TYPO3 AssociationTYPO3-EXT-SA-2019-017
HistoryOct 15, 2019 - 12:00 a.m.

Multiple vulnerabilities in extension "SLUB: Event Registration" (slub_events)

2019-10-1500:00:00
TYPO3 Association
typo3.org
13

EPSS

0.017

Percentile

87.9%

JSON

The extension allows to upload arbitrary files to the webserver. For versions 1.2.2 and below, this vulnerability results in Remote Code Execution. In versions later than 1.2.2, the vulnerability can result in Denial of Service, since the webspace can be filled up with arbitrary files. The extension also includes jQuery 2.2.4 which is known to be vulnerable against Cross Site Scripting.

Related

nvd 1
cvelist 1
osv 2
prion 1
github 1
symantec 1
cve 1
nvd
nvd
CVE-2019-16700
2019-10-16 19:15:15
cvelist
cvelist
CVE-2019-16700
2019-10-16 18:37:38
osv
osv
slub_events for Typo3 Arbitrary File Upload
2022-05-24 16:58:56
CVE-2019-16700
2019-10-16 19:15:00
prion
prion
Remote code execution
2019-10-16 19:15:00
github
github
slub_events for Typo3 Arbitrary File Upload
2022-05-24 16:58:56
symantec
symantec
SLUB Event Registration Extension CVE-2019-16700 Arbitrary File Upload Vulnerability
2019-10-15 00:00:00
cve
cve
CVE-2019-16700
2019-10-16 19:15:15

EPSS

0.017

Percentile

87.9%

JSON
Related for TYPO3-EXT-SA-2019-017
nvd1cvelist1osv2prion1github1symantec1cve1