Product:

Typo3

(Typo3)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 127
Date ID Summary Products Score Patch
2019-11-06 CVE-2011-4631 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler. Typo3 N/A
2019-11-06 CVE-2011-4630 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard. Typo3 N/A
2019-11-06 CVE-2011-4629 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel. Typo3 N/A
2019-11-05 CVE-2010-3671 TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a session fixation attack which allows remote attackers to hijack a victim's session. Typo3 N/A
2019-11-05 CVE-2010-3670 TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function. Typo3 N/A
2019-11-06 CVE-2011-4904 TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services. Typo3 N/A
2019-11-06 CVE-2011-4903 Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function. Typo3 N/A
2019-11-06 CVE-2011-4902 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver. Typo3 N/A
2019-11-06 CVE-2011-4901 TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database. Typo3 N/A
2019-11-06 CVE-2011-4900 TYPO3 before 4.5.4 allows Information Disclosure in the backend. Debian_linux, Typo3 N/A