Show filters
297 Total Results
Displaying 81-90 of 297
Sort by:
Attacker Value
Unknown

CVE-2011-4630

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4903

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4627

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-4626

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4902

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-4629

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4904

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-4631

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-4628

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-4900

Disclosure Date: November 06, 2019 (last updated November 27, 2024)
TYPO3 before 4.5.4 allows Information Disclosure in the backend.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >