Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-36789
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows SQL Injection.
Dated News Project Dated News
6.4
CVSSv2
CVE-2021-36792
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 has incorrect Access Control for confirming various applications.
Dated News Project Dated News
3.5
CVSSv2
CVE-2021-36785
The miniorange_saml (aka Miniorange Saml) extension prior to 1.4.3 for TYPO3 allows XSS.
Miniorange Saml
5
CVSSv2
CVE-2021-36786
The miniorange_saml (aka Miniorange Saml) extension prior to 1.4.3 for TYPO3 allows Sensitive Data Exposure of API credentials and private keys.
Miniorange Saml
3.5
CVSSv2
CVE-2021-36787
The femanager extension prior to 5.5.1 and 6.x prior to 6.3.1 for TYPO3 allows XSS via a crafted SVG document.
In2code Femanager
3.5
CVSSv2
CVE-2021-36788
The yoast_seo (aka Yoast SEO) extension prior to 7.2.3 for TYPO3 allows XSS.
Yoast Yoast Seo
4.3
CVSSv2
CVE-2021-36790
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows XSS.
Dated News Project Dated News
5
CVSSv2
CVE-2021-36791
The dated_news (aka Dated News) extension up to and including 5.1.1 for TYPO3 allows Information Disclosure of application registration data.
Dated News Project Dated News
5
CVSSv2
CVE-2021-36793
The routes (aka Extbase Yaml Routes) extension prior to 2.1.1 for TYPO3, when CsrfTokenViewHelper is used, allows Sensitive Information Disclosure because a session identifier is unsafely present in HTML output.
Routes Project Routes
4.3
CVSSv2
CVE-2021-32768
TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting...
Typo3 Typo3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »