Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 4.2.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-5656
Cross-site scripting (XSS) vulnerability in the frontend plugin for the felogin system extension in TYPO3 4.2.0, 4.2.1 and 4.2.2 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.0
4.3
CVSSv2
CVE-2009-3634
Cross-site scripting (XSS) vulnerability in the Frontend Login Box (aka felogin) subcomponent in TYPO3 4.2.0 up to and including 4.2.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
7.5
CVSSv2
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to hijack web sessions via unspecified vectors related to (1) frontend and (2)...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.2.0
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
4.3
CVSSv2
CVE-2009-0257
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allow remote malicious users to inject arbitrary web script or HTML via the (1) name and (2) content of indexed files...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
10
CVSSv2
CVE-2009-0258
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 up to and including 4.0.9, 4.1.0 up to and including 4.1.7, and 4.2.0 up to and including 4.2.3 allows remote malicious users to execute arbitrary commands via a crafted filename containing shell metachara...
Typo3 Typo3 4.0.4
Typo3 Typo3 4.0.5
Typo3 Typo3 4.1.0
Typo3 Typo3 4.1.1
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.2
Typo3 Typo3 4.0.2
Typo3 Typo3 4.0.3
Typo3 Typo3 4.1.6
Typo3 Typo3 4.1.7
Typo3 Typo3 4.0
Typo3 Typo3 4.0.1
Typo3 Typo3 4.0.8
Typo3 Typo3 4.0.9
Typo3 Typo3 4.1.4
Typo3 Typo3 4.1.5
Typo3 Typo3 4.0.6
Typo3 Typo3 4.0.7
Typo3 Typo3 4.1.2
Typo3 Typo3 4.1.3
Typo3 Typo3 4.2.3
6
CVSSv2
CVE-2010-3716
The be_user_creation task in TYPO3 4.2.x prior to 4.2.15 and 4.3.x prior to 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
Typo3 Typo3 4.2.1
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.3.0
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
4.3
CVSSv2
CVE-2010-3715
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allow remote malicious users to inject arbitrary web script or HTML via vectors related to (1) the RemoveXSS function, and allow remote authenticated...
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.10
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.3.2
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.1
4.9
CVSSv2
CVE-2010-4068
Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 allows remote authenticated administrators to read and possibly modify arbitrary files via a crafted parameter, a different vulnerability than CVE-201...
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.4
Typo3 Typo3 4.2.11
Typo3 Typo3 4.3.3
Typo3 Typo3 4.3.5
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.2
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.1
7.1
CVSSv2
CVE-2010-3714
The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote malicious users to read a...
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.1
Typo3 Typo3 4.3.0
Typo3 Typo3 4.3.1
Typo3 Typo3 4.4.2
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.4.1
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.6
1 EDB exploit
5
CVSSv2
CVE-2010-3717
The t3lib_div::validEmail function in TYPO3 4.2.x prior to 4.2.15, 4.3.x prior to 4.3.7, and 4.4.x prior to 4.4.4 does not properly restrict input to filter_var FILTER_VALIDATE_EMAIL operations in PHP, which allows remote malicious users to cause a denial of service (memory consu...
Typo3 Typo3 4.2.6
Typo3 Typo3 4.2.7
Typo3 Typo3 4.2.8
Typo3 Typo3 4.2.9
Typo3 Typo3 4.2.0
Typo3 Typo3 4.3.4
Typo3 Typo3 4.3.5
Typo3 Typo3 4.3.6
Typo3 Typo3 4.4
Typo3 Typo3 4.2.3
Typo3 Typo3 4.2.2
Typo3 Typo3 4.2.4
Typo3 Typo3 4.3.1
Typo3 Typo3 4.3.3
Typo3 Typo3 4.4.1
Typo3 Typo3 4.4.3
Typo3 Typo3 4.2.11
Typo3 Typo3 4.2.12
Typo3 Typo3 4.2.13
Typo3 Typo3 4.2.14
Typo3 Typo3 4.2.5
Typo3 Typo3 4.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »