Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2014-8874

Disclosure Date: December 02, 2014 (last updated October 05, 2023)
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.
0
0
Attacker Value
Unknown

CVE-2014-6293

Disclosure Date: October 03, 2014 (last updated October 05, 2023)
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014.
0
0
Attacker Value
Unknown

CVE-2014-6235

Disclosure Date: September 11, 2014 (last updated October 05, 2023)
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2013-5307

Disclosure Date: August 16, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2013-5302

Disclosure Date: August 16, 2013 (last updated October 05, 2023)
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
0
0