Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / typo3

typo3

346 tracked vulnerabilities.

TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated SQL Injection

TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Cross-Site Scripting in Install Tool

TYPO3 4.5.x < 4.5.19, 4.6.x < 4.6.12, 4.7.x < 4.7.4 - Cross-Site Scripting via HTML5 JavaScript Events

TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Authenticated Encryption Key Exposure

TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Authenticated Cross-Site Scripting

TYPO3 4.5.0-4.5.18 - Authenticated Remote Code Execution via Unsafe Deserialization in Backend Help System

TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Cross-Site Scripting Bypass via Non-Printable Characters

TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Unauthenticated Database Name Exposure via CLI Script

TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Authenticated Cross-Site Scripting

TYPO3 4.6.0-4.6.6, 4.7, 6.0 - Remote Code Execution via Extbase Framework Unserialization

TYPO3 4.4.0-4.4.14, 4.5.0-4.5.14, 4.6.0-4.6.7, 4.7 - Cross-Site Scripting via Exception Handler

TYPO3 aeurltool 0.1.0 - Cross-Site Scripting

TYPO3 beuserswitch <0.0.1 - Info Disclosure

TYPO3 BE User Switch 0.0.1 - Cross-Site Scripting

TYPO3 Terminal < 0.3.2 - Cross-Site Request Forgery

Terminal PHP Shell < 0.3.2 - Authenticated Cross-Site Scripting

skt_eurocalc 0.0.1 - Cross-Site Scripting

TYPO3 mm_whtppr <0.0.4 - SQL Injection

TYPO3 toi_category < 0.6.0 - Cross-Site Scripting

TYPO3 toi_category <0.6.0 - SQL Injection

CVE-2011-3583 CRITICAL

Typo3 4.5.0-4.5.5 - SQL Injection via Prepared Statement Parameter Binding

CVE-2011-4904 MEDIUM

TYPO3 < 4.4.9 and 4.5.x < 4.5.4 - Unauthenticated Information Disclosure via ExtDirect Endpoint

CVE-2011-4903 MEDIUM

TYPO3 < 4.3.12, 4.4.x < 4.4.9, 4.5.x < 4.5.4 - Cross-Site Scripting via RemoveXSS Function

CVE-2011-4902 MEDIUM

TYPO3 < 4.3.12, 4.4.x < 4.4.9, 4.5.x < 4.5.4 - Arbitrary File Deletion

CVE-2011-4901 MEDIUM

TYPO3 < 4.3.12, 4.4.x < 4.4.9, 4.5.x < 4.5.4 - Unauthenticated Database Information Disclosure

Previous Page 8 of 14 Next

Products

typo3 218 cms 116 cms-core 85 cms-backend 22 cms-install 6 cms-form 4 cms-frontend 4 dam_frontend_extension 4 html-sanitizer 4 html_sanitizer 4 wec_discussion_forum 4 Extension "Faceted Search" 3 pdf_generator_2_extension 3 Extension "Mailqueue" 2 address_directory 2 air_filemanager 2 beuserswitch 2 cms-beuser 2 cms-dashboard 2 cms-recycler 2 cms-workspaces 2 commerce_extension 2 eluna_page_comments_extension 2 ns backup extension 2 phar-stream-wrapper 2 pharstreamwrapper 2 sql_frontend_extension 2 sr feuser register extension 2 sr_feuser_register_extension 2 terminal 2

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy