Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-33157
The libconnect extension prior to 7.0.8 and 8.x prior to 8.1.0 for TYPO3 allows XSS.
Libconnect Project Libconnect
668
VMScore
CVE-2022-29601
The seminars (aka Seminar Manager) extension up to and including 4.1.3 for TYPO3 allows SQL Injection.
Oliverklee Seminars
312
VMScore
CVE-2022-33154
The schema (aka Embedding schema.org vocabulary) extension prior to 1.13.1 and 2.x prior to 2.5.1 for TYPO3 allows XSS.
Schema Project Schema
668
VMScore
CVE-2022-29600
The oelib (aka One is Enough Library) extension up to and including 4.1.5 for TYPO3 allows SQL Injection.
Oliverklee Oelib
312
VMScore
CVE-2022-33155
The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension prior to 1.2.23 for TYPO3 allows XSS.
Ameos Tarteaucitron Project Ameos Tarteaucitron
312
VMScore
CVE-2022-31048
TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is ne...
Typo3 Typo3
356
VMScore
CVE-2022-31046
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export...
Typo3 Typo3
356
VMScore
CVE-2022-31047
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete except...
Typo3 Typo3
312
VMScore
CVE-2022-31049
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages....
Typo3 Typo3
578
VMScore
CVE-2022-31050
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled...
Typo3 Typo3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »