Typo3 Cms vulnerabilities

CVE-2012-6147 [LOW] CWE-79 Typo3 Backend API XSS Vulnerability Typo3 Backend API XSS Vulnerability Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors.

CVE-2012-3529 [LOW] CWE-200 Typo3 Backend Configuration XSS Vulnerability Typo3 Backend Configuration XSS Vulnerability The configuration module in the backend in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote authenticated backend users to obtain the encryption key via unspecified vectors.

CVE-2014-3942 [HIGH] CWE-94 TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code TYPO3 Color Picker Wizard component allows remote authenticated editors to execute arbitrary PHP code The Color Picker Wizard component in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, and 6.1.0 before 6.1.9 allows remote authenticated editors to execute arbitrary PHP code via a serialized PHP object.

CVE-2014-3941 [MEDIUM] CWE-20 Typo3 Host Header Spoofing Vulnerability Typo3 Host Header Spoofing Vulnerability TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to "Host Spoofing."

CVE-2018-6905 [MEDIUM] CWE-79 Typo3 XSS Vulnerability Typo3 XSS Vulnerability The page module in TYPO3 before 8.7.11 has XSS via `$GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']`, as demonstrated by an admin entering a crafted site name during the installation process.

CVE-2015-5956 [LOW] CWE-79 TYPO3 cross-site scripting (XSS) TYPO3 cross-site scripting (XSS) The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attacks via a base64 encoded data URI, as demonstrated by the (1) returnUrl parameter to show_rechis.php and the (2) redirect_url parameter to index.php.

CVE-2014-3943 [LOW] CWE-79 Typo3 XSS Vulnerabilities Typo3 XSS Vulnerabilities Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allow remote authenticated editors to inject arbitrary web script or HTML via unknown parameters.

CVE-2013-7341 [MEDIUM] CWE-79 Moodle cross-site scripting (XSS) vulnerabilities Moodle cross-site scripting (XSS) vulnerabilities Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by (1) providing a crafted playerId or (2) referencing an external domain, a related issue to CVE-2013-7342.

CVE-2010-1153 [HIGH] CWE-94 TYPO3 PHP remote file inclusion vulnerability TYPO3 PHP remote file inclusion vulnerability PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.

CVE-2009-0258 [HIGH] CWE-20 Indexed Search Engine for TYPO3 Command Execution via Metacharacter Injection Indexed Search Engine for TYPO3 Command Execution via Metacharacter Injection The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.

CVE-2009-0256 [HIGH] CWE-287 Authentication library in TYPO3 vulnerable to session fixation Authentication library in TYPO3 vulnerable to session fixation Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.

CVE-2009-0815 [MEDIUM] CWE-200 TYPO3 leaks a hash secret in an error message TYPO3 leaks a hash secret in an error message The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.

CVE-2009-0816 [MEDIUM] CWE-79 Typo3 Backend XSS Vulnerability Typo3 Backend XSS Vulnerability An Information Disclosure vulnerability in jumpUrl mechanism, used to track access on web pages and provided files, allows a remote attacker to read arbitrary files on a host. The expected value of a mandatory hash secret, intended to invalidate such requests, is exposed to remote users allowing them to bypass access control by providing the correct value. There's no authentication required to exploi

CVE-2009-3635 [MEDIUM] CWE-287 TYPO3 Install Tool Subcomponent Allows Access Using Only a Password's MD5 Hash as a Credential TYPO3 Install Tool Subcomponent Allows Access Using Only a Password's MD5 Hash as a Credential The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to gain access by using only the password's md5 hash as a credential.

CVE-2005-4875 [HIGH] CWE-200 TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/` TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/` TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.

CVE-2011-4628 [CRITICAL] CWE-287 Typo3 Authentication Bypass Typo3 Authentication Bypass TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.

CVE-2011-3583 [CRITICAL] CWE-89 Typo3 SQL injection due to faulty prepared statements Typo3 SQL injection due to faulty prepared statements It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input.

CVE-2011-4627 [MEDIUM] CWE-200 Typo3 Information Disclosure Typo3 Information Disclosure TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.

CVE-2011-4900 [MEDIUM] CWE-200 Typo3 Information Disclosure Typo3 Information Disclosure TYPO3 before 4.5.4 allows Information Disclosure in the backend.

CVE-2011-4903 [MEDIUM] CWE-79 Typo3 XSS in RemoveXSS function Typo3 XSS in RemoveXSS function Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.