Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2008-3042
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and previous versions for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
Typo3 Dam Frontend Extension
890
VMScore
CVE-2008-2345
Unspecified vulnerability in the air_filemanager 0.6.0 and previous versions extension for TYPO3 allows remote malicious users to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."
Typo3 Air Filemanager
837
VMScore
CVE-2010-3671
TYPO3 prior to 4.1.14, 4.2.x prior to 4.2.13, 4.3.x prior to 4.3.4 and 4.4.x prior to 4.4.1 is open to a session fixation attack which allows remote malicious users to hijack a victim's session.
Typo3 Typo3
828
VMScore
CVE-2019-11832
TYPO3 8.x prior to 8.7.25 and 9.x prior to 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
Typo3 Typo3
790
VMScore
CVE-2017-7581
SQL injection vulnerability in NewsController.php in the News module 5.3.2 and previous versions for TYPO3 allows unauthenticated users to execute arbitrary SQL commands via vectors involving overwriteDemand for order and OrderByAllowed.
News System Project News System
756
VMScore
CVE-2009-3631
The Backend subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2, when the DAM extension or ftp upload is enabled, allows remote authenticated users to execute arbitrary commands via shell metacharacters in ...
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.3
Typo3 Typo3 4.3
Typo3 Typo3 1.3.0
Typo3 Typo3 1.3.2
Typo3 Typo3 3.7.1
Typo3 Typo3 3.7.x
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.10
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.12
Typo3 Typo3 4.1.11
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 1.1
Typo3 Typo3 1.1.09
Typo3 Typo3 3.5
755
VMScore
CVE-2014-7201
Multiple SQL injection vulnerabilities in the search function in pi1/class.tx_dmmjobcontrol_pi1.php in the JobControl (dmmjobcontrol) extension 2.14.0 and previous versions for TYPO3 allow remote malicious users to execute arbitrary SQL commands via the (1) education, (2) region,...
Kevin Renskers Dmmjobcontrol
1 EDB exploit
755
VMScore
CVE-2014-6235
Unspecified vulnerability in the ke DomPDF extension prior to 0.0.5 for TYPO3 allows remote malicious users to execute arbitrary code via unknown vectors.
Kennziffer Ke Dompdf
1 EDB exploit
755
VMScore
CVE-2009-4855
SQL injection vulnerability in index.php in TYPO3 4.0 allows remote malicious users to execute arbitrary SQL commands via the showUid parameter. NOTE: the TYPO3 Security Team disputes this report, stating that "there is no such vulnerability... The showUid parameter is gener...
Typo3 Typo3 4.0
1 EDB exploit
755
VMScore
CVE-2006-6690
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 up to and including 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlare...
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 3.7.0
Typo3 Typo3 3.8
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »