Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.2.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5656
Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
NA
CVE-2009-3634
Cross-site scripting (XSS) vulnerability in the Frontend Login Box (aka felogin) subcomponent in TYPO3 4.2.0 up to and including 4.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.2
NA
CVE-2009-0258
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to execute arbitrary commands via a crafted filename containing shell metachara...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to hijack web sessions via unspecified vectors related to (1) frontend and (2)...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.9
NA
CVE-2009-0257
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
1 EDB exploit
NA
CVE-2010-3717
The t3lib_div::validEmail function in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote malicious users to cause a denial of service (memory consu...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
NA
CVE-2010-3715
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
NA
CVE-2010-4068
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-201...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »