typo3

361 tracked vulnerabilities.

CVE-2010-3673 MEDIUM
TYPO3 < 4.2.13 - Information Disclosure in HTML Mailing API
Nov 05, 2019
CVSS 5.3
EPSS 0.01
CVE-2010-3672 MEDIUM
TYPO3 < 4.3.4 and 4.4.x < 4.4.1 - Cross-Site Scripting in Extbase Textarea View Helper
Nov 05, 2019
CVSS 6.1
EPSS 0.01
CVE-2010-3671 MEDIUM
TYPO3 <4.1.14, <4.2.13, <4.3.4, <4.4.1 - Info Disclosure
Nov 05, 2019
CVSS 6.5
EPSS 0.02
CVE-2010-3670 MEDIUM
TYPO3 < 4.3.4 and 4.4.x < 4.4.1 - Insecure Randomness in Password Reset Hash Generation
Nov 05, 2019
CVSS 4.8
EPSS 0.01
CVE-2010-3669 MEDIUM
TYPO3 4.2.0-4.2.12 - Cross-Site Scripting and Open Redirect in Frontend Login Box
Nov 04, 2019
CVSS 5.4
EPSS 0.01
CVE-2010-3668 HIGH
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Header Injection via Secure Download Feature
Nov 04, 2019
CVSS 7.5
EPSS 0.01
CVE-2010-3667 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Spam Abuse via Native Form Content Element
Nov 04, 2019
CVSS 5.3
EPSS 0.01
CVE-2010-3666 MEDIUM
TYPO3 <4.1.14, <4.2.13, <4.3.4, <4.4.1 - Info Disclosure
Nov 04, 2019
CVSS 5.3
EPSS 0.01
CVE-2010-3665 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Cross-Site Scripting in Extension Manager
Nov 04, 2019
CVSS 5.4
EPSS 0.01
CVE-2010-3664 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Information Disclosure in Backend
Nov 04, 2019
CVSS 6.5
EPSS 0.01
CVE-2010-3663 HIGH
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Remote Code Execution
Nov 04, 2019
CVSS 8.8
EPSS 0.02
CVE-2010-3662 HIGH
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - SQL Injection
Nov 04, 2019
CVSS 8.8
EPSS 0.01
CVE-2010-3661 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Open Redirect in Backend
Nov 01, 2019
CVSS 6.1
EPSS 0.01
CVE-2010-3660 MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Cross-Site Scripting in Backend
Nov 01, 2019
CVSS 5.4
EPSS 0.01
CVE-2010-3659 MEDIUM
TYPO3 CMS 4.1.0-4.1.13, 4.2.0-4.2.12, 4.3.0-4.3.3, 4.4.0 - Authenticated Cross-Site Scripting
Oct 20, 2017
CVSS 5.4
EPSS 0.01
CVE-2010-5099
TYPO3 <4.2.16, 4.3.9, 4.4.5 - Path Traversal
May 30, 2012
EPSS 0.03
CVE-2010-5104
TYPO3 <4.2.16-4.4.5 - Info Disclosure
May 21, 2012
EPSS 0.02
CVE-2010-5103
TYPO3 <4.2.16-4.4.5 - SQL Injection
May 21, 2012
EPSS 0.01
CVE-2010-5102
TYPO3 <4.2.16-4.4.5 - Path Traversal
May 21, 2012
EPSS 0.03
CVE-2010-5101
TYPO3 <4.2.16-4.4.5 - Path Traversal
May 21, 2012
EPSS 0.02
CVE-2010-5100
TYPO3 4.2.0-4.2.15, 4.3.0-4.3.8, 4.4.0-4.4.4 - Authenticated Cross-Site Scripting in Install Tool
May 21, 2012
EPSS 0.01
CVE-2010-5098
TYPO3 4.2.0-4.2.15, 4.3.0-4.3.8, 4.4.0-4.4.4 - Authenticated Cross-Site Scripting in FORM Content Object
May 21, 2012
EPSS 0.02
CVE-2010-5097
TYPO3 4.3.0-4.3.8 and 4.4.0-4.4.4 - Cross-Site Scripting in Click Enlarge Functionality
May 21, 2012
EPSS 0.02
CVE-2010-4068
TYPO3 4.2.x-4.2.14, 4.3.x-4.3.6, 4.4.x-4.4.3 - Authenticated Arbitrary File Read and Write via Extension Manager
Oct 25, 2010
EPSS 0.01
CVE-2010-3717
TYPO3 4.2.x-4.3.x-4.4.x - Denial of Service via Long Email Address String
Oct 25, 2010
EPSS 0.01