Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.0 vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-5069
Cross-site scripting (XSS) vulnerability in class.tx_indexedsearch.php in the Indexed Search 2.9.0 extension for Typo3 prior to 4.0.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the search parameter.
Typo3 Typo3 4.0
Typo3 Typo3
7.5
CVSSv2
CVE-2006-6690
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 up to and including 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlare...
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 3.7.0
Typo3 Typo3 3.8
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
1 EDB exploit
4.3
CVSSv2
CVE-2008-2718
Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, as used in extensions such as (1) direct_mail_subscription, (2) feuser_admin, and (3) kb_md5fepw, allows remote malicious users to inject arb...
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.0
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1
Typo3 Typo3 4.2
6.5
CVSSv2
CVE-2007-6381
SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 up to and including 4.0.7, and 4.1 up to and including 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Typo3 Typo3
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 3.0
Typo3 Typo3 3.7.0
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.3
Typo3 Typo3 3.7.1
Typo3 Typo3 3.8
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 3.8.1
Typo3 Typo3 4.0
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1
7.5
CVSSv2
CVE-2009-4855
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote malicious users to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is gener...
Typo3 Typo3 4.0
1 EDB exploit
6.5
CVSSv2
CVE-2008-2717
TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote malicious users to bypass security restrictions and upload configuration files such as .htaccess, or conduct file...
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Apache Apache Webserver
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1
Typo3 Typo3 4.1.1
7.5
CVSSv2
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to hijack web sessions via unspecified vectors related to (1) frontend and (2)...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
4.3
CVSSv2
CVE-2009-0257
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
10
CVSSv2
CVE-2009-0258
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to execute arbitrary commands via a crafted filename containing shell metachara...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
5
CVSSv2
CVE-2009-0815
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x up to and including 3.8.x, 4.0 prior to 4.0.12, 4.1 prior to 4.1.10, 4.2 prior to 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote malicious users to read arbitrary files by inclu...
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 3.6.x
Typo3 Typo3 3.8.x
Typo3 Typo3 4.0
Typo3 Typo3 4.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.3
Typo3 Typo3 3.7.x
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.2
Typo3 Typo3 3.3.x
Typo3 Typo3 3.5.x
Typo3 Typo3 4.2
Typo3 Typo3 4.1.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »