Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 7.4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24751
sf_event_mgt is an event management and registration extension for the TYPO3 CMS based on ExtBase and Fluid. In affected versions the existing access control check for events in the backend module got broken during the update of the extension to TYPO3 12.4, because the `RedirectR...
4
CVSSv2
CVE-2020-25025
The l10nmgr (aka Localization Manager) extension prior to 7.4.0, 8.x prior to 8.7.0, and 9.x prior to 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).
Localization Manager Project Localization Manager
6.8
CVSSv2
CVE-2016-5091
Extbase in TYPO3 4.3.0 prior to 6.2.24, 7.x prior to 7.6.8, and 8.1.1 allows remote malicious users to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action.
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.2
Typo3 Typo3 7.6.3
Typo3 Typo3 7.6.4
Typo3 Typo3 7.3.1
Typo3 Typo3 7.5.0
Typo3 Typo3 7.6.6
Typo3 Typo3 7.6.8
Typo3 Typo3 7.0.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.1.0
Typo3 Typo3 7.2.0
Typo3 Typo3 7.3.0
Typo3 Typo3
Typo3 Typo3 8.1.1
Typo3 Typo3 7.4.0
Typo3 Typo3 7.6.0
Typo3 Typo3 7.6.5
Typo3 Typo3 7.6.7
3.5
CVSSv2
CVE-2015-8755
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.0
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.13
4.3
CVSSv2
CVE-2015-8757
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.10
Typo3 Typo3 7.6.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.11
Typo3 Typo3 7.6.1
Typo3 Typo3 7.5.0
Typo3 Typo3 7.0.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 7.2.0
3.5
CVSSv2
CVE-2015-8758
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.5.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 7.6.0
Typo3 Typo3 7.2.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.6
3.5
CVSSv2
CVE-2015-8759
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.12
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
3.5
CVSSv2
CVE-2015-5956
The sanitizeLocalUrl function in TYPO3 6.x prior to 6.2.15, 7.x prior to 7.4.0, 4.5.40, and previous versions allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) return...
Typo3 Typo3 6.0.12
Typo3 Typo3 6.0.13
Typo3 Typo3 6.0.14
Typo3 Typo3 6.0.8
Typo3 Typo3 6.0.9
Typo3 Typo3 6.1.6
Typo3 Typo3 6.1.7
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.11
Typo3 Typo3 7.0.0
Typo3 Typo3
Typo3 Typo3 6.0
Typo3 Typo3 6.0.1
Typo3 Typo3 6.0.4
Typo3 Typo3 6.0.5
Typo3 Typo3 6.1.2
Typo3 Typo3 6.1.3
Typo3 Typo3 6.2
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started