Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.0.9 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2009-0255
The System extension Install tool in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 creates the encryption key with an insufficiently random seed, which makes it easier for malicious users to crack the key.
Typo3 Typo3
Debian Debian Linux 4.0
NA
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to hijack web sessions via unspecified vectors related to (1) frontend and (2)...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2009-0257
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2009-0258
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to execute arbitrary commands via a crafted filename containing shell metachara...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2008-2717
TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote malicious users to bypass security restrictions and upload configuration files such as .htaccess, or conduct file...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1
Typo3 Typo3 4.2
Typo3 Typo3 4.1.6
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Apache Apache Webserver
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
NA
CVE-2008-2718
Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, as used in extensions such as (1) direct_mail_subscription, (2) feuser_admin, and (3) kb_md5fepw, allows remote malicious users to inject arb...
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1
Typo3 Typo3 4.2
Typo3 Typo3 4.1.6
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2