This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:typo3:typo3:3.7.0 |
| Detail | |||
|---|---|---|---|
| Vendor | typo3 | First view | 2005-12-31 |
| Product | typo3 | Last view | 2009-11-02 |
| Version | 3.7.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:typo3:typo3 | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4.3 | 2009-11-02 | CVE-2009-3636 | Network | Medium | None Requ... | |
| 6.8 | 2009-11-02 | CVE-2009-3635 | Network | Medium | None Requ... | |
| 4.3 | 2009-11-02 | CVE-2009-3633 | Network | Medium | None Requ... | |
| 8.5 | 2009-11-02 | CVE-2009-3631 | Network | Medium | Requires ... | |
| 5.5 | 2009-11-02 | CVE-2009-3630 | Network | Low | Requires ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 4 | 2009-11-02 | CVE-2009-3628 | Network | Low | Requires ... | |
| 7.5 | 2009-04-03 | CVE-2008-6594 | Network | Low | None Requ... | |
| 6.5 | 2007-12-14 | CVE-2007-6381 | Network | Low | Requires ... | |
| 7.5 | 2006-12-21 | CVE-2006-6690 | Network | Low | None Requ... | |
| 7.5 | 2005-12-31 | CVE-2005-4875 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (2) | CWE-200 | Information Exposure |
| 25% (2) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
| 12% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
| 12% (1) | CWE-287 | Improper Authentication |
| 12% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| % | id | Name |
|---|---|---|
| 12% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 59491 | Typo3 Core Install Tool Unspecified URL Parameter XSS |
| 59490 | Typo3 Core Install Tool MD5 Hash Authentication Bypass |
| 59488 | Typo3 Core t3lib_div::quoteJSvalue API Function XSS |
| 59486 | Typo3 Core Backend Crafted File Upload Arbitrary Command Execution |
| 59485 | Typo3 Core Backend Unspecified Frame Hijacking |
| id | Description |
|---|---|
| 59483 | Typo3 Core Backend tt_content Form Element Encryption Key Recalculation |
| 45094 | cm_rdfexport Extension for TYPO3 Multiple Unspecified SQL Injection |
| 39506 | TYPO3 indexed_search System Extension SQL Injection |
| 30890 | TYPO3 (class.tx_rtehtmlarea_pi1.php) spell-check-logic.php userUid Arbitrary ... |
| 20936 | TYPO3 Debug Script phpinfo() Remote Information Disclosure |
