Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 6.2.11 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2015-8756
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x prior to 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.6
383
VMScore
CVE-2015-8760
The Flvplayer component in TYPO3 6.2.x prior to 6.2.16 allows remote malicious users to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
383
VMScore
CVE-2016-4056
Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x prior to 6.2.19 allows remote malicious users to inject arbitrary web script or HTML via the module parameter when creating a bookmark.
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.18
Typo3 Typo3 6.2.16
Typo3 Typo3 6.2.17
Typo3 Typo3 6.2
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.8
312
VMScore
CVE-2015-8755
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.0
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.13
312
VMScore
CVE-2015-8759
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.12
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
383
VMScore
CVE-2015-8757
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.10
Typo3 Typo3 7.6.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.11
Typo3 Typo3 7.6.1
Typo3 Typo3 7.5.0
Typo3 Typo3 7.0.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 7.2.0
312
VMScore
CVE-2015-8758
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.5.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 7.6.0
Typo3 Typo3 7.2.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.6
312
VMScore
CVE-2015-5956
The sanitizeLocalUrl function in TYPO3 6.x prior to 6.2.15, 7.x prior to 7.4.0, 4.5.40, and previous versions allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) return...
Typo3 Typo3 6.0.12
Typo3 Typo3 6.0.13
Typo3 Typo3 6.0.14
Typo3 Typo3 6.0.8
Typo3 Typo3 6.0.9
Typo3 Typo3 6.1.6
Typo3 Typo3 6.1.7
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.11
Typo3 Typo3 7.0.0
Typo3 Typo3
Typo3 Typo3 6.0
Typo3 Typo3 6.0.1
Typo3 Typo3 6.0.4
Typo3 Typo3 6.0.5
Typo3 Typo3 6.1.2
Typo3 Typo3 6.1.3
Typo3 Typo3 6.2
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started