Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2718
Cross-site scripting (XSS) vulnerability in fe_adminlib.inc in TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, as used in extensions such as (1) direct_mail_subscription, (2) feuser_admin, and (3) kb_md5fepw, allows remote malicious users to inject arb...
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.0
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1
Typo3 Typo3 4.2
NA
CVE-2007-6381
SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 up to and including 4.0.7, and 4.1 up to and including 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Typo3 Typo3
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 3.0
Typo3 Typo3 3.7.0
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.3
Typo3 Typo3 3.7.1
Typo3 Typo3 3.8
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 3.8.1
Typo3 Typo3 4.0
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1
NA
CVE-2008-2717
TYPO3 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.1, uses an insufficiently restrictive default fileDenyPattern for Apache, which allows remote malicious users to bypass security restrictions and upload configuration files such as .htaccess, or conduct file...
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Apache Apache Webserver
Typo3 Typo3 4.0.7
Typo3 Typo3 4.0.8
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.1
Typo3 Typo3 4.1.1
NA
CVE-2009-0815
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x up to and including 3.8.x, 4.0 prior to 4.0.12, 4.1 prior to 4.1.10, 4.2 prior to 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote malicious users to read arbitrary files by inclu...
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 3.6.x
Typo3 Typo3 3.8.x
Typo3 Typo3 4.0
Typo3 Typo3 4.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.3
Typo3 Typo3 3.7.x
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.2
Typo3 Typo3 3.3.x
Typo3 Typo3 3.5.x
Typo3 Typo3 4.2
Typo3 Typo3 4.1.2
1 EDB exploit
NA
CVE-2009-0816
Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x up to and including 3.8.x, 4.0 prior to 4.0.12, 4.1 prior to 4.1.10, 4.2 prior to 4.2.6, and 4.3alpha1 allow remote malicious users to inject arbitrary web script or HTML via unspecif...
Typo3 Typo3 4.0.3
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.11
Typo3 Typo3 4.1
Typo3 Typo3 4.1.8
Typo3 Typo3 4.1.9
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.9
Typo3 Typo3 4.0.10
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.5
Typo3 Typo3 4.0
NA
CVE-2009-3632
SQL injection vulnerability in the traditional frontend editing feature in the Frontend Editing subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2 allows remote authenticated users to execute arbitrary SQL...
Typo3 Typo3 4.0.10
Typo3 Typo3 4.0
Typo3 Typo3 4.0.5
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.11
Typo3 Typo3 4.1.12
Typo3 Typo3 4.11
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.6
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.10
Typo3 Typo3 4.1.7
Typo3 Typo3 4.1.6
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.9
Typo3 Typo3 4.3
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.10
Typo3 Typo3 4.2.2
NA
CVE-2009-3629
Multiple cross-site scripting (XSS) vulnerabilities in the Backend subcomponent in TYPO3 4.0.13 and previous versions, 4.1.x prior to 4.1.13, 4.2.x prior to 4.2.10, and 4.3.x prior to 4.3beta2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified...
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1
Typo3 Typo3 4.1.7
Typo3 Typo3 4.1.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.0.11
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.5
Typo3 Typo3 4.1.8
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.3
Typo3 Typo3 4.0.12
Typo3 Typo3 4.0
Typo3 Typo3 4.0.7
5.4
CVSSv3
CVE-2010-3659
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x prior to 4.1.14, 4.2.x prior to 4.2.13, 4.3.x prior to 4.3.4, and 4.4.x prior to 4.4.1 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified parameters to the extensio...
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.2.1
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.0
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.8
Typo3 Typo3 4.1.13
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.1.9
NA
CVE-2006-6690
rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 up to and including 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlare...
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 3.7.0
Typo3 Typo3 3.8
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
1 EDB exploit
NA
CVE-2014-3945
The Authentication component in TYPO3 prior to 6.2, when salting for password hashing is disabled, does not require knowledge of the cleartext password if the password hash is known, which allows remote malicious users to bypass authentication and gain access to the backend by le...
Typo3 Typo3 4.0.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.10
Typo3 Typo3 4.0
Typo3 Typo3 4.0.12
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.15
Typo3 Typo3 4.1.3
Typo3 Typo3 4.1.8
Typo3 Typo3 4.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.16
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.9
Typo3 Typo3 4.3.13
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.7
Typo3 Typo3 4.3.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »