Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-33157
The libconnect extension prior to 7.0.8 and 8.x prior to 8.1.0 for TYPO3 allows XSS.
Libconnect Project Libconnect
9.8
CVSSv3
CVE-2022-29600
The oelib (aka One is Enough Library) extension up to and including 4.1.5 for TYPO3 allows SQL Injection.
Oliverklee Oelib
9.8
CVSSv3
CVE-2022-29601
The seminars (aka Seminar Manager) extension up to and including 4.1.3 for TYPO3 allows SQL Injection.
Oliverklee Seminars
5.4
CVSSv3
CVE-2022-33154
The schema (aka Embedding schema.org vocabulary) extension prior to 1.13.1 and 2.x prior to 2.5.1 for TYPO3 allows XSS.
Schema Project Schema
5.4
CVSSv3
CVE-2022-33155
The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension prior to 1.2.23 for TYPO3 allows XSS.
Ameos Tarteaucitron Project Ameos Tarteaucitron
4.3
CVSSv3
CVE-2022-31046
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed columns of a particular database table. This way, authenticated users can export...
Typo3 Typo3
6.5
CVSSv3
CVE-2022-31047
TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) can be logged as plaintext in exception handlers, when logging the complete except...
Typo3 Typo3
5.4
CVSSv3
CVE-2022-31048
TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is ne...
Typo3 Typo3
5.4
CVSSv3
CVE-2022-31049
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. The actually affected components were mail clients used to view those messages....
Typo3 Typo3
7.2
CVSSv3
CVE-2022-31050
TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even if the corresponding user account was degraded to lower permissions or disabled...
Typo3 Typo3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »