Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.2.6 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3634
Cross-site scripting (XSS) vulnerability in the Frontend Login Box (aka felogin) subcomponent in TYPO3 4.2.0 up to and including 4.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
NA
CVE-2009-0815
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x up to and including 3.8.x, 4.0 prior to 4.0.12, 4.1 prior to 4.1.10, 4.2 prior to 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote malicious users to read arbitrary files by inclu...
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 3.6.x
Typo3 Typo3 3.8.x
Typo3 Typo3 4.0
Typo3 Typo3 4.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.3
Typo3 Typo3 3.7.x
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.2
Typo3 Typo3 3.3.x
Typo3 Typo3 3.5.x
Typo3 Typo3 4.2
Typo3 Typo3 4.1.2
1 EDB exploit
NA
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
NA
CVE-2010-3715
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated...
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
NA
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
NA
CVE-2010-3717
The t3lib_div::validEmail function in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote malicious users to cause a denial of service (memory consu...
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.3
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.1
NA
CVE-2010-4068
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-201...
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.11
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.5
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.1
NA
CVE-2010-5101
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality.&q...
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.8
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.4
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.6
Typo3 Typo3 4.3.0
Typo3 Typo3 4.4.2
NA
CVE-2010-5102
Directory traversal vulnerability in mod/tools/em/class.em_unzip.php in the unzip library in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 allows remote malicious users to write arbitrary files via unspecified vectors.
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.10
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.4
Typo3 Typo3 4.4.3
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.3
Typo3 Typo3 4.2.3
NA
CVE-2010-5103
SQL injection vulnerability in the list module in TYPO3 4.2.x prior to 4.2.16, 4.3.x prior to 4.3.9, and 4.4.x prior to 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.4
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.15
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.11
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.8
Typo3 Typo3 4.4.4
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »