Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-3042
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and previous versions for TYPO3 has unknown impact and attack vectors related to "Improper Error Handling."
Typo3 Dam Frontend Extension
10
CVSSv2
CVE-2008-2345
Unspecified vulnerability in the air_filemanager 0.6.0 and previous versions extension for TYPO3 allows remote malicious users to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."
Typo3 Air Filemanager
9.4
CVSSv2
CVE-2010-3671
TYPO3 prior to 4.1.14, 4.2.x prior to 4.2.13, 4.3.x prior to 4.3.4 and 4.4.x prior to 4.4.1 is open to a session fixation attack which allows remote malicious users to hijack a victim's session.
Typo3 Typo3
9.3
CVSSv2
CVE-2019-11832
TYPO3 8.x prior to 8.7.25 and 9.x prior to 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick.
Typo3 Typo3
8.5
CVSSv2
CVE-2009-3631
The Backend subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2, when the DAM extension or ftp upload is enabled, allows remote authenticated users to execute arbitrary commands via shell metacharacters in ...
Typo3 Typo3 4.3
Typo3 Typo3 1.1
Typo3 Typo3 4.1.11
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.0
Typo3 Typo3 3.5.x
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.1.8
Typo3 Typo3 4.1.6
Typo3 Typo3 0.1.2
Typo3 Typo3 4.0.10
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.2.8
Typo3 Typo3 4.1.12
Typo3 Typo3 4.0.3
Typo3 Typo3 4.2.3
Typo3 Typo3 1.3.0
Typo3 Typo3 3.7.1
Typo3 Typo3 4.1.4
Typo3 Typo3 3.7.x
7.8
CVSSv2
CVE-2014-8325
The Calendar Base (cal) extension prior to 1.5.9 and 1.6.x prior to 1.6.1 for TYPO3 allows remote malicious users to cause a denial of service (resource consumption) via vectors related to the PHP PCRE library.
Calender Base Project Calender Base 1.5.0
Calender Base Project Calender Base
Calender Base Project Calender Base 1.5.5
Calender Base Project Calender Base 1.5.6
Calender Base Project Calender Base 1.6.0
Calender Base Project Calender Base 1.5.2
Calender Base Project Calender Base 1.5.3
Calender Base Project Calender Base 1.5.1
Calender Base Project Calender Base 1.5.4
Calender Base Project Calender Base 1.5.7
7.8
CVSSv2
CVE-2010-0323
Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and previous versions for TYPO3 allows remote malicious users to obtain sensitive information via unknown attack vectors.
Arco Van Geest Goof Fotoboek
Arco Van Geest Goof Fotoboek 1.2.4
Arco Van Geest Goof Fotoboek 1.4.0
Arco Van Geest Goof Fotoboek 1.4.1
Arco Van Geest Goof Fotoboek 1.5.1
Arco Van Geest Goof Fotoboek 1.6.1
Arco Van Geest Goof Fotoboek 1.6.4
Arco Van Geest Goof Fotoboek 1.7.0
Arco Van Geest Goof Fotoboek 1.7.2
Arco Van Geest Goof Fotoboek 1.7.3
Arco Van Geest Goof Fotoboek 1.7.4
Arco Van Geest Goof Fotoboek 1.7.5
Arco Van Geest Goof Fotoboek 1.7.7
Arco Van Geest Goof Fotoboek 1.7.9
Arco Van Geest Goof Fotoboek 1.7.10
Arco Van Geest Goof Fotoboek 1.7.11
Arco Van Geest Goof Fotoboek 1.7.12
Arco Van Geest Goof Fotoboek 1.7.13
7.8
CVSSv2
CVE-2008-6630
Directory traversal vulnerability in the wt_gallery extension 2.5.0 and previous versions for TYPO3 allows remote malicious users to read arbitrary image files and determine directory structure via unspecified vectors.
Typo3 Wt Gallery
7.5
CVSSv2
CVE-2022-35628
A SQL injection issue exists in the lux extension prior to 17.6.1, and 18.x up to and including 24.x prior to 24.0.2, for TYPO3.
In2code Living User Experience
7.5
CVSSv2
CVE-2022-29600
The oelib (aka One is Enough Library) extension up to and including 4.1.5 for TYPO3 allows SQL Injection.
Oliverklee Oelib
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30065
CVE-2024-5843
CVE-2024-30080
code execution
CVE-2024-4577
CVE-2024-26169
wireless
remote code execution
CVE-2024-36103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »