This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:typo3:typo3:4.3.0 |
| Detail | |||
|---|---|---|---|
| Vendor | typo3 | First view | 2010-02-22 |
| Product | typo3 | Last view | 2012-05-30 |
| Version | 4.3.0 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:typo3:typo3 | ||
Activity : Yearly
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 6.8 | 2012-05-30 | CVE-2010-5099 | Network | Medium | None Requ... | |
| 4.3 | 2012-05-21 | CVE-2010-5104 | Network | Medium | None Requ... | |
| 6 | 2012-05-21 | CVE-2010-5103 | Network | Medium | Requires ... | |
| 5 | 2012-05-21 | CVE-2010-5102 | Network | Low | None Requ... | |
| 4 | 2012-05-21 | CVE-2010-5101 | Network | Low | Requires ... | |
| Date | Alert | Access Vector | Access Complexity | Authentification | ||
|---|---|---|---|---|---|---|
| 3.5 | 2012-05-21 | CVE-2010-5100 | Network | Medium | Requires ... | |
| 3.5 | 2012-05-21 | CVE-2010-5098 | Network | Medium | Requires ... | |
| 2.6 | 2012-05-21 | CVE-2010-5097 | Network | High | None Requ... | |
| 4.9 | 2010-10-25 | CVE-2010-4068 | Network | Medium | Requires ... | |
| 5 | 2010-10-25 | CVE-2010-3717 | Network | Low | None Requ... | |
| 6 | 2010-10-25 | CVE-2010-3716 | Network | Medium | Requires ... | |
| 4.3 | 2010-10-25 | CVE-2010-3715 | Network | Medium | None Requ... | |
| 7.1 | 2010-10-25 | CVE-2010-3714 | Network | Medium | None Requ... | |
| 6.8 | 2010-04-20 | CVE-2010-1153 | Network | Medium | None Requ... | |
| 5.1 | 2010-02-22 | CVE-2010-0286 | Network | High | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 28% (4) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 21% (3) | CWE-20 | Improper Input Validation |
| 14% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
| 14% (2) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 7% (1) | CWE-200 | Information Exposure |
| % | id | Name |
|---|---|---|
| 7% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (1) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 69219 | TYPO3 t3lib_div::validEmail Function PHP FILTER_VALIDATE_EMAIL Operation Remo... |
| 69218 | TYPO3 Extension Manager Unspecified Arbitrary File Access |
| 68593 | TYPO3 typo3/sysext/em/mod1/class.em_index.php Unspecified Traversal Arbitrary... |
| 68592 | TYPO3 Taskcenter sys_action Task Arbitrary User Creation |
| 68591 | TYPO3 typo3/contrib/RemoveXSS/RemoveXSS.php Unspecified XSS |
| id | Description |
|---|---|
| 68590 | TYPO3 typo3/sysext/cms/tslib/class.tslib_fe.php jumpURL Parameter Traversal A... |
| 63602 | TYPO3 Autoloader Unspecified Arbitrary PHP Code Execution |
| 61680 | TYPO3 OpenID System Extension Backend Login Authentication Bypass |
ExploitDB Exploits
| id | Description |
|---|---|
| 15856 | TYPO3 Unauthenticated Arbitrary File Retrieval |
