Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
typo3 typo3 6.2.0 vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2014-3944
The Authentication component in TYPO3 6.2.0 prior to 6.2.3 does not properly invalidate timed out user sessions, which allows remote malicious users to bypass authentication via unspecified vectors.
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2
356
VMScore
CVE-2014-3946
The query caching functionality in the Extbase Framework component in TYPO3 6.2.0 prior to 6.2.3 does not properly validate group permissions, which allows remote authenticated users to read arbitrary queries via unspecified vectors.
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2
383
VMScore
CVE-2015-8760
The Flvplayer component in TYPO3 6.2.x prior to 6.2.16 allows remote malicious users to embed Flash videos from external domains via unspecified vectors, aka "Cross-Site Flashing."
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
312
VMScore
CVE-2015-8756
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x prior to 6.2.16 allows remote authenticated editors to inject arbitrary web script or HTML via unspecified vectors.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.6
383
VMScore
CVE-2016-4056
Cross-site scripting (XSS) vulnerability in the Backend component in TYPO3 6.2.x prior to 6.2.19 allows remote malicious users to inject arbitrary web script or HTML via the module parameter when creating a bookmark.
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.18
Typo3 Typo3 6.2.16
Typo3 Typo3 6.2.17
Typo3 Typo3 6.2
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.11
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.13
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.8
312
VMScore
CVE-2015-8755
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.0
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.13
383
VMScore
CVE-2015-8757
Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to extension data during an extension installation.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.12
Typo3 Typo3 6.2.10
Typo3 Typo3 7.6.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.6
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.11
Typo3 Typo3 7.6.1
Typo3 Typo3 7.5.0
Typo3 Typo3 7.0.1
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 7.2.0
312
VMScore
CVE-2015-8758
Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors.
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.5.0
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.1
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.14
Typo3 Typo3 6.2.12
Typo3 Typo3 7.6.0
Typo3 Typo3 7.2.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.8
Typo3 Typo3 6.2.6
312
VMScore
CVE-2015-8759
Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x prior to 6.2.16 and 7.x prior to 7.6.1 allows remote authenticated editors to inject arbitrary web script or HTML via a link field.
Typo3 Typo3 7.1.0
Typo3 Typo3 7.0.2
Typo3 Typo3 7.0.0
Typo3 Typo3 6.2.9
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.1
Typo3 Typo3 6.2.0
Typo3 Typo3 7.6.1
Typo3 Typo3 7.6.0
Typo3 Typo3 7.5.0
Typo3 Typo3 6.2.4
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.15
Typo3 Typo3 6.2.14
Typo3 Typo3 7.4.0
Typo3 Typo3 7.3.0
Typo3 Typo3 6.2.7
Typo3 Typo3 6.2.5
Typo3 Typo3 6.2.12
Typo3 Typo3 7.3.1
Typo3 Typo3 7.2.0
312
VMScore
CVE-2015-5956
The sanitizeLocalUrl function in TYPO3 6.x prior to 6.2.15, 7.x prior to 7.4.0, 4.5.40, and previous versions allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) return...
Typo3 Typo3 6.0.12
Typo3 Typo3 6.0.13
Typo3 Typo3 6.0.14
Typo3 Typo3 6.0.8
Typo3 Typo3 6.0.9
Typo3 Typo3 6.1.6
Typo3 Typo3 6.1.7
Typo3 Typo3 6.2.2
Typo3 Typo3 6.2.3
Typo3 Typo3 6.2.10
Typo3 Typo3 6.2.11
Typo3 Typo3 7.0.0
Typo3 Typo3
Typo3 Typo3 6.0
Typo3 Typo3 6.0.1
Typo3 Typo3 6.0.4
Typo3 Typo3 6.0.5
Typo3 Typo3 6.1.2
Typo3 Typo3 6.1.3
Typo3 Typo3 6.2
Typo3 Typo3 6.2.0
Typo3 Typo3 6.2.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »