Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47408
An issue exists in the fp_newsletter (aka Newsletter subscriber management) extension prior to 1.1.1, 1.2.0, 2.x prior to 2.1.2, 2.2.1 up to and including 2.4.0, and 3.x prior to 3.2.6 for TYPO3. There is a CAPTCHA bypass that can lead to subscribing many people.
Fp Newsletter Project Fp Newsletter
Fp Newsletter Project Fp Newsletter 1.2.0
NA
CVE-2022-47409
An issue exists in the fp_newsletter (aka Newsletter subscriber management) extension prior to 1.1.1, 1.2.0, 2.x prior to 2.1.2, 2.2.1 up to and including 2.4.0, and 3.x prior to 3.2.6 for TYPO3. Attackers can unsubscribe everyone via a series of modified subscription UIDs in del...
Fp Newsletter Project Fp Newsletter
Fp Newsletter Project Fp Newsletter 1.2.0
NA
CVE-2022-47410
An issue exists in the fp_newsletter (aka Newsletter subscriber management) extension prior to 1.1.1, 1.2.0, 2.x prior to 2.1.2, 2.2.1 up to and including 2.4.0, and 3.x prior to 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations.
Fp Newsletter Project Fp Newsletter
Fp Newsletter Project Fp Newsletter 1.2.0
NA
CVE-2022-47411
An issue exists in the fp_newsletter (aka Newsletter subscriber management) extension prior to 1.1.1, 1.2.0, 2.x prior to 2.1.2, 2.2.1 up to and including 2.4.0, and 3.x prior to 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations.
Fp Newsletter Project Fp Newsletter
Fp Newsletter Project Fp Newsletter 1.2.0
NA
CVE-2022-47406
An issue exists in the fe_change_pwd (aka Change password for frontend users) extension prior to 2.0.5, and 3.x prior to 3.0.3, for TYPO3. The extension fails to revoke existing sessions for the current user when the password has been changed.
Change Password For Frontend Users Project Change Password For Frontend Users
NA
CVE-2022-23501
TYPO3 is an open source PHP based web content management system. In versions before 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can ...
Typo3 Typo3
NA
CVE-2022-23502
TYPO3 is an open source PHP based web content management system. In versions before 10.4.33, 11.5.20, and 12.1.1, When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This app...
Typo3 Typo3
NA
CVE-2022-23504
TYPO3 is an open source PHP based web content management system. Versions before 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module,...
Typo3 Typo3
NA
CVE-2022-23503
TYPO3 is an open source PHP based web content management system. Versions before 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, i...
Typo3 Typo3
NA
CVE-2022-23500
TYPO3 is an open source PHP based web content management system. In versions before 9.5.38, 10.4.33, 11.5.20, and 12.1.1, requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from...
Typo3 Typo3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »