CVE-2013-7074
- EPSS 1.09%
- Veröffentlicht 21.12.2013 00:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple cross-site scripting (XSS) vulnerabilities in Content Editing Wizards in TYPO3 4.5.x before 4.5.32, 4.7.x before 4.7.17, 6.0.x before 6.0.12, 6.1.x before 6.1.7, and the development versions of 6.2 allow remote authenticated users to inject ...
CVE-2013-7076
- EPSS 1.36%
- Veröffentlicht 21.12.2013 00:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Cross-site scripting (XSS) vulnerability in Extension Manager in TYPO3 4.5.x before 4.5.32 and 4.7.x before 4.7.17 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-7077
- EPSS 1.19%
- Veröffentlicht 21.12.2013 00:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
Cross-site scripting (XSS) vulnerability in the Backend User Administration Module in TYPO3 6.0.x before 6.0.12 and 6.1.x before 6.1.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-6144
- EPSS 2.17%
- Veröffentlicht 01.07.2013 21:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-6145
- EPSS 1.18%
- Veröffentlicht 01.07.2013 21:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-6147
- EPSS 1.82%
- Veröffentlicht 01.07.2013 21:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML v...
CVE-2012-6148
- EPSS 1.18%
- Veröffentlicht 01.07.2013 21:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-1843
- EPSS 2.42%
- Veröffentlicht 20.03.2013 15:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks v...
CVE-2013-1842
- EPSS 3.12%
- Veröffentlicht 20.03.2013 15:55:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "the Quer...
CVE-2012-3529
- EPSS 0.84%
- Veröffentlicht 05.09.2012 23:55:02
- Zuletzt bearbeitet 16.06.2026 23:43:24
The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.