typo3
361 tracked vulnerabilities.
CVE-2013-7080
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11 - Unauthenticated Mass Assignment via Extension Table Administration
Dec 23, 2013
EPSS 0.01
CVE-2013-7079
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - Open Redirect in OpenID Extension
Dec 23, 2013
EPSS 0.01
CVE-2013-7075
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - Authenticated PHP Object Unserialization and File Deletion
Dec 23, 2013
EPSS 0.01
CVE-2013-7073
TYPO3 4.5.0-4.5.31, 4.7.0-4.7.16, 6.0.0-6.0.11, 6.1.0-6.1.6 - Authenticated Data Read via Content Editing Wizards
Dec 23, 2013
EPSS 0.01
CVE-2013-7082
TYPO3 Flow 1.1.x < 1.1.1 and 2.0.x < 2.0.1 - Cross-Site Scripting via Error Action Method
Dec 21, 2013
EPSS 0.01
CVE-2013-7077
TYPO3 6.0.0-6.0.11 and 6.1.0-6.1.6 - Cross-Site Scripting in Backend User Administration Module
Dec 21, 2013
EPSS 0.01
CVE-2013-7076
TYPO3 4.5.x-4.7.x - Cross-Site Scripting in Extension Manager
Dec 21, 2013
EPSS 0.01
CVE-2013-7074
TYPO3 4.5.x-4.5.31, 4.7.x-4.7.16, 6.0.x-6.0.11, 6.1.x-6.1.6 - Authenticated XSS in Content Editing Wizards
Dec 21, 2013
EPSS 0.01
CVE-2013-4701
PHP OpenID Library <2.2.2 - Info Disclosure/DoS
Aug 21, 2013
EPSS 0.03
CVE-2013-1843
TYPO3 4.5.x-4.6.x, 4.7.x-4.7.8, 6.0.x-6.0.2 - Open Redirect via Access Tracking Mechanism
Mar 20, 2013
EPSS 0.02
CVE-2013-1842
TYPO3 4.5.x-4.6.x-4.7.x-6.0.x - SQL Injection via Query Object Model
Mar 20, 2013
EPSS 0.03
CVE-2012-6146
TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated Arbitrary Record History Access
May 20, 2014
EPSS 0.01
CVE-2012-6148
TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated Cross-Site Scripting in Function Menu API
Jul 01, 2013
EPSS 0.01
CVE-2012-6147
TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated Cross-Site Scripting in TCA-Tree Backend API
Jul 01, 2013
EPSS 0.02
CVE-2012-6145
TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated Cross-Site Scripting in Backend History Module
Jul 01, 2013
EPSS 0.01
CVE-2012-6144
TYPO3 4.5.0-4.5.20, 4.6.0-4.6.13, 4.7.0-4.7.5 - Authenticated SQL Injection
Jul 01, 2013
EPSS 0.02
CVE-2012-3531
TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Cross-Site Scripting in Install Tool
Sep 05, 2012
EPSS 0.01
CVE-2012-3530
TYPO3 4.5.x < 4.5.19, 4.6.x < 4.6.12, 4.7.x < 4.7.4 - Cross-Site Scripting via HTML5 JavaScript Events
Sep 05, 2012
EPSS 0.02
CVE-2012-3529
TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Authenticated Encryption Key Exposure
Sep 05, 2012
EPSS 0.01
CVE-2012-3528
TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Authenticated Cross-Site Scripting
Sep 05, 2012
EPSS 0.02
CVE-2012-3527
TYPO3 4.5.0-4.5.18 - Authenticated Remote Code Execution via Unsafe Deserialization in Backend Help System
Sep 05, 2012
EPSS 0.02
CVE-2012-1608
TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Cross-Site Scripting Bypass via Non-Printable Characters
Sep 04, 2012
EPSS 0.02
CVE-2012-1607
TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Unauthenticated Database Name Exposure via CLI Script
Sep 04, 2012
EPSS 0.03
CVE-2012-1606
TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Authenticated Cross-Site Scripting
Sep 04, 2012
EPSS 0.02
CVE-2012-1605
TYPO3 4.6.0-4.6.6, 4.7, 6.0 - Remote Code Execution via Extbase Framework Unserialization
Sep 04, 2012
EPSS 0.02
Products
typo3 218
cms 116
cms-core 98
cms-backend 24
TYPO3 CMS 14
cms-form 7
cms-install 6
html-sanitizer 6
cms-frontend 4
dam_frontend_extension 4
html_sanitizer 4
wec_discussion_forum 4
Extension "Faceted Search" 3
cms-recycler 3
pdf_generator_2_extension 3
Extension "Mailqueue" 2
HTML Sanitizer 2
address_directory 2
air_filemanager 2
beuserswitch 2
cms-beuser 2
cms-dashboard 2
cms-indexed-search 2
cms-workspaces 2
commerce_extension 2
eluna_page_comments_extension 2
ns backup extension 2
phar-stream-wrapper 2
pharstreamwrapper 2
sql_frontend_extension 2
Quick Filters