| CVE-2017-14251 |
high |
8.8 |
8.8 |
|
|
|
9y ago |
TYPO3 Arbitrary Code Execution |
| CVE-2010-3714 |
high |
— |
8.1 |
|
|
|
16y ago |
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism |
| CVE-2010-5099 |
medium |
— |
7.8 |
|
|
|
14y ago |
TYPO3 Path Traversal vulnerability |
| CVE-2014-9509 |
high |
— |
7.5 |
|
|
|
12y ago |
Typo3 Vulnerable to Cache Poisoning |
| CVE-2013-4701 |
high |
— |
7.5 |
|
|
|
13y ago |
PHP OpenID Library Denial of Service vulnerability |
| CVE-2010-1153 |
medium |
— |
6.8 |
|
|
|
16y ago |
TYPO3 PHP remote file inclusion vulnerability |
| CVE-2013-4321 |
medium |
— |
6.5 |
|
|
|
12y ago |
TYPO3 vulnerable to remote authenticated arbitrary code execution |
| CVE-2013-4250 |
medium |
— |
6.5 |
|
|
|
12y ago |
TYPO3 doesn't properly check file extensions |
| CVE-2013-7075 |
medium |
— |
6.5 |
|
|
|
13y ago |
TYPO3 vulnerable to Insecure Unserialize via Content Editing Wizards component |
| CVE-2012-6144 |
medium |
— |
6.5 |
|
|
|
13y ago |
Typo3 Backend History Module Vulnerable to SQL Injection |
| CVE-2016-4056 |
medium |
6.1 |
6.1 |
|
|
|
10y ago |
TYPO3 Backend component Cross-site scripting (XSS) vulnerability |
| CVE-2015-8760 |
medium |
6.1 |
6.1 |
|
|
|
11y ago |
TYPO3 allows remote attackers to embed Flash videos from external domain |
| CVE-2014-3942 |
medium |
— |
6.0 |
|
|
|
12y ago |
TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code |
| CVE-2010-5103 |
medium |
— |
6.0 |
|
|
|
14y ago |
TYPO3 SQL Injection vulnerability |
| CVE-2014-3944 |
medium |
— |
5.8 |
|
|
|
12y ago |
TYPO3 Improper Session Invalidation |
| CVE-2015-8759 |
medium |
5.4 |
5.4 |
|
|
|
11y ago |
TYPO3 Cross-site Scripting vulnerability |
| CVE-2015-8756 |
medium |
5.4 |
5.4 |
|
|
|
11y ago |
TYPO3 CMS indexed search Cross-site Scripting vulnerability |
| CVE-2015-8755 |
medium |
5.4 |
5.4 |
|
|
|
11y ago |
Typo3 XSS Vulnerability |
| CVE-2017-6370 |
medium |
5.3 |
5.3 |
|
|
|
9y ago |
TYPO3 Information Disclosure Vulnerability |
| CVE-2014-3941 |
medium |
— |
5.0 |
|
|
|
12y ago |
Typo3 Host Header Spoofing Vulnerability |
| CVE-2012-1608 |
medium |
— |
5.0 |
|
|
|
14y ago |
Typo3 API XSS Vulnerabilities |
| CVE-2012-1607 |
medium |
— |
5.0 |
|
|
|
14y ago |
TYPO3 allows remote attackers to obtain the database name via a direct request |
| CVE-2012-1605 |
medium |
— |
5.0 |
|
|
|
14y ago |
Typo3 Extbase Framework Unsafe Deserialization |
| CVE-2012-3527 |
medium |
— |
4.6 |
|
|
|
14y ago |
TYPO3 allows remote authenticated backend users to unserialize arbitrary objects |
| CVE-2014-9508 |
medium |
— |
4.3 |
|
|
|
12y ago |
Typo3 Open Redirect In Frontend Rendering |
| CVE-2013-7341 |
medium |
— |
4.3 |
|
|
|
12y ago |
Moodle cross-site scripting (XSS) vulnerabilities |
| CVE-2012-3531 |
medium |
— |
4.3 |
|
|
|
14y ago |
Typo3 Install Tool XSS Vulnerability |
| CVE-2012-3530 |
medium |
— |
4.3 |
|
|
|
14y ago |
Typo3 API XSS Vulnerability |
| CVE-2012-2112 |
medium |
— |
4.3 |
|
|
|
14y ago |
Typo3 Exception Handler XSS |
| CVE-2014-3946 |
medium |
— |
4.0 |
|
|
|
12y ago |
Typo3 Information Disclosure |
| CVE-2014-3945 |
medium |
— |
4.0 |
|
|
|
12y ago |
TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash |
| CVE-2012-6146 |
medium |
— |
4.0 |
|
|
|
12y ago |
Typo3 Backend History Module Vulnerable to XSS |
| CVE-2013-7073 |
medium |
— |
4.0 |
|
|
|
13y ago |
TYPO3 vulnerable to Information Disclosure via Content Editing Wizards component |
| CVE-2010-5101 |
medium |
— |
4.0 |
|
|
|
14y ago |
TYPO3 Directory Traversal vulnerability |
| CVE-2019-10912 |
unknown |
— |
— |
|
|
|
6y ago |
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this coul… |
| CVE-2018-14041 |
unknown |
— |
— |
|
|
|
8y ago |
Bootstrap Cross-site Scripting vulnerability |
