Filtered by vendor Typo3
Subscribe
Search
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15086 | 1 Typo3 | 1 Mediace | 2021-11-18 | 7.5 HIGH | 9.8 CRITICAL |
| In TYPO3 installations with the "mediace" extension from version 7.6.2 and before version 7.6.5, it has been discovered that an internal verification mechanism can be used to generate arbitrary checksums. The allows to inject arbitrary data having a valid cryptographic message authentication code and can lead to remote code execution. To successfully exploit this vulnerability, an attacker must have access to at least one `Extbase` plugin or module action in a TYPO3 installation. This is fixed in version 7.6.5 of the "mediace" extension for TYPO3. | |||||
| CVE-2019-11831 | 5 Debian, Drupal, Fedoraproject and 2 more | 5 Debian Linux, Drupal, Fedora and 2 more | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL. | |||||
| CVE-2020-11066 | 1 Typo3 | 1 Typo3 | 2020-05-15 | 6.4 MEDIUM | 10.0 CRITICAL |
| In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, calling unserialize() on malicious user-submitted content can lead to modification of dynamically-determined object attributes and result in triggering deletion of an arbitrary directory in the file system, if it is writable for the web server. It can also trigger message submission via email using the identity of the web site (mail relay). Another insecure deserialization vulnerability is required to actually exploit mentioned aspects. This has been fixed in 9.5.17 and 10.4.2. | |||||
| CVE-2011-3583 | 1 Typo3 | 1 Typo3 | 2019-12-05 | 7.5 HIGH | 9.8 CRITICAL |
| It was found that Typo3 Core versions 4.5.0 - 4.5.5 uses prepared statements that, if the parameter values are not properly replaced, could lead to a SQL Injection vulnerability. This issue can only be exploited if two or more parameters are bound to the query and at least two come from user input. | |||||
| CVE-2011-4628 | 1 Typo3 | 1 Typo3 | 2019-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request. | |||||
| CVE-2019-12747 | 1 Typo3 | 1 Typo3 | 2019-07-12 | 7.5 HIGH | 9.8 CRITICAL |
| TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data. | |||||
| CVE-2019-11830 | 1 Typo3 | 1 Pharstreamwrapper | 2019-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism. | |||||