Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.3.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1153
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x prior to 4.3.3 allows remote malicious users to execute arbitrary PHP code via a URL in an input field associated with the className variable.
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
NA
CVE-2010-5097
Cross-site scripting (XSS) vulnerability in the click enlarge functionality in TYPO3 4.3.x prior to 4.3.9 and 4.4.x prior to 4.4.5 when the caching framework is enabled, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Typo3 Typo3 4.3.6
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.8
Typo3 Typo3 4.3.7
Typo3 Typo3 4.4.4
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.3
NA
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.9
NA
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
1 EDB exploit
NA
CVE-2010-3717
The t3lib_div::validEmail function in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote malicious users to cause a denial of service (memory consu...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
NA
CVE-2010-3715
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
NA
CVE-2010-4068
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-201...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4
NA
CVE-2010-5101
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality.&q...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.8
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.4.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
NA
CVE-2010-5104
The escapeStrForLike method in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote malicious users to obtain sensitive information via wildc...
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.8
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.4.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
NA
CVE-2010-5102
Directory traversal vulnerability in mod/tools/em/class.em_unzip.php in the unzip library in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 allows remote malicious users to write arbitrary files via unspecified vectors.
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.8
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.3
Typo3 Typo3 4.4.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »