typo3
361 tracked vulnerabilities.
CVE-2016-5091
HIGH
TYPO3 < 6.2.24 - Remote Code Execution via Extbase Action
Jan 23, 2017
CVSS 8.1
EPSS 0.03
CVE-2016-4056
MEDIUM
TYPO3 6.2.0-6.2.18 - Stored Cross-Site Scripting via Bookmark Module Parameter
Jan 23, 2017
CVSS 6.1
EPSS 0.01
CVE-2015-8760
MEDIUM
TYPO3 CMS 6.2.0-6.2.15 - Cross-Site Flashing via Flvplayer Component
Jan 08, 2016
CVSS 6.1
EPSS 0.01
CVE-2015-8759
MEDIUM
TYPO3 6.2.0-6.2.15 - Authenticated Cross-Site Scripting via typoLink Function
Jan 08, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-8758
MEDIUM
TYPO3 6.2.x-6.2.15 and 7.x-7.6.0 - Authenticated Cross-Site Scripting
Jan 08, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-8757
MEDIUM
TYPO3 6.2.x-7.x - Cross-Site Scripting in Extension Manager
Jan 08, 2016
CVSS 6.1
EPSS 0.01
CVE-2015-8756
MEDIUM
TYPO3 CMS 6.2.0-6.2.15 - Authenticated Cross-Site Scripting in Indexed Search Result View
Jan 08, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-8755
MEDIUM
TYPO3 6.2.0-6.2.15 and 7.0.0-7.6.0 - Authenticated Cross-Site Scripting
Jan 08, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-5956
TYPO3 < 4.5.40, 6.x < 6.2.15, 7.x < 7.4.0 - Authenticated Cross-Site Scripting via Base64 Data URI
Sep 16, 2015
EPSS 0.02
CVE-2015-2821
TYPO3 Neos 1.1.x-1.1.2 and 1.2.x-1.2.2 - Unauthorized Content Node Access and Modification
Apr 01, 2015
EPSS 0.01
CVE-2015-2047
TYPO3 4.3.0-4.3.14, 4.4.0-4.4.15, 4.5.0-4.5.39, 4.6.0-4.6.18 - Authentication Bypass via RSAAuth
Feb 23, 2015
EPSS 0.02
CVE-2014-9509
TYPO3 <4.5.39, 4.6.x-6.2.x<6.2.9, 7.x<7.0.2 - Info Disclosure
Jan 04, 2015
EPSS 0.01
CVE-2014-9508
TYPO3 <4.5.39, <6.2.9, <7.0.2 - XSS
Jan 04, 2015
EPSS 0.02
CVE-2014-3946
TYPO3 6.2.0-6.2.2 - Info Disclosure
Jun 03, 2014
EPSS 0.01
CVE-2014-3945
TYPO3 < 6.2 - Authentication Bypass via Password Hash Knowledge
Jun 03, 2014
EPSS 0.02
CVE-2014-3944
TYPO3 6.2.0-6.2.2 - Improper Authentication
Jun 03, 2014
EPSS 0.01
CVE-2014-3943
TYPO3 4.5.0-4.5.33, 4.7.0-4.7.18, 6.0.0-6.0.13, 6.1.0-6.1.8, 6.2.0-6.2.2 - Authenticated Cross-Site Scripting
Jun 03, 2014
EPSS 0.01
CVE-2014-3942
TYPO3 4.5.0-4.5.33, 4.7.0-4.7.18, 6.0.0-6.0.13, 6.1.0-6.1.8 - Remote Code Execution via Color Picker Wizard
Jun 03, 2014
EPSS 0.02
CVE-2014-3941
TYPO3 <4.5.34-6.2.3 - Info Disclosure
Jun 03, 2014
EPSS 0.03
CVE-2013-4321
TYPO3 6.0.0-6.0.8 and 6.1.0-6.1.3 - Authenticated Remote Code Execution via File Extension in FAL Renaming
May 20, 2014
EPSS 0.01
CVE-2013-4320
TYPO3 6.0.0-6.0.8 and 6.1.0-6.1.3 - Authenticated Arbitrary File Read and Write via File Abstraction Layer
May 20, 2014
EPSS 0.01
CVE-2013-4250
TYPO3 6.0.0-6.0.7 and 6.1.0-6.1.2 - Authenticated Arbitrary PHP Code Execution via File Upload
May 20, 2014
EPSS 0.01
CVE-2013-7341
Flowplayer Flash <3.2.17 - XSS
Mar 24, 2014
EPSS 0.02
CVE-2013-7078
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - Cross-Site Scripting via Error Message
Jan 19, 2014
EPSS 0.02
CVE-2013-7081
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - HMAC Signature Bypass
Dec 23, 2013
EPSS 0.01
Products
typo3 218
cms 116
cms-core 98
cms-backend 24
TYPO3 CMS 14
cms-form 7
cms-install 6
html-sanitizer 6
cms-frontend 4
dam_frontend_extension 4
html_sanitizer 4
wec_discussion_forum 4
Extension "Faceted Search" 3
cms-recycler 3
pdf_generator_2_extension 3
Extension "Mailqueue" 2
HTML Sanitizer 2
address_directory 2
air_filemanager 2
beuserswitch 2
cms-beuser 2
cms-dashboard 2
cms-indexed-search 2
cms-workspaces 2
commerce_extension 2
eluna_page_comments_extension 2
ns backup extension 2
phar-stream-wrapper 2
pharstreamwrapper 2
sql_frontend_extension 2
Quick Filters