Typo3

Typo3

214 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2013-7080

  • EPSS 0.27%
  • Veröffentlicht 23.12.2013 23:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The creating record functionality in Extension table administration library (feuser_adminLib.inc) in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration ...

4.9

CVE-2013-7081

  • EPSS 0.17%
  • Veröffentlicht 23.12.2013 23:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The (old) Form Content Element component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated editors to generate arbitrary HMAC signatures and bypass intended access restricti...

3.5

CVE-2013-7074

  • EPSS 0.34%
  • Veröffentlicht 21.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject ...

4.3

CVE-2013-7076

  • EPSS 0.48%
  • Veröffentlicht 21.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3

CVE-2013-7077

  • EPSS 0.33%
  • Veröffentlicht 21.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.5

CVE-2012-6144

  • EPSS 0.6%
  • Veröffentlicht 01.07.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.

3.5

CVE-2012-6145

  • EPSS 0.2%
  • Veröffentlicht 01.07.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

3.5

CVE-2012-6147

  • EPSS 0.2%
  • Veröffentlicht 01.07.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML v...

3.5

CVE-2012-6148

  • EPSS 0.22%
  • Veröffentlicht 01.07.2013 21:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

6.4

CVE-2013-1843

  • EPSS 0.63%
  • Veröffentlicht 20.03.2013 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks v...