This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:typo3:typo3:4.3.1
Detail
Vendortypo3First view 2010-04-20
Producttypo3Last view 2012-05-30
Version4.3.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:typo3:typo3

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
6.82012-05-30CVE-2010-5099NetworkMediumNone Requ...
4.32012-05-21CVE-2010-5104NetworkMediumNone Requ...
62012-05-21CVE-2010-5103NetworkMediumRequires ...
52012-05-21CVE-2010-5102NetworkLowNone Requ...
42012-05-21CVE-2010-5101NetworkLowRequires ...
Hide | Show 9 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.52012-05-21CVE-2010-5100NetworkMediumRequires ...
3.52012-05-21CVE-2010-5098NetworkMediumRequires ...
2.62012-05-21CVE-2010-5097NetworkHighNone Requ...
4.92010-10-25CVE-2010-4068NetworkMediumRequires ...
52010-10-25CVE-2010-3717NetworkLowNone Requ...
62010-10-25CVE-2010-3716NetworkMediumRequires ...
4.32010-10-25CVE-2010-3715NetworkMediumNone Requ...
7.12010-10-25CVE-2010-3714NetworkMediumNone Requ...
6.82010-04-20CVE-2010-1153NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (4)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
21% (3)CWE-20Improper Input Validation
14% (2)CWE-264Permissions, Privileges, and Access Controls
14% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
7% (1)CWE-200Information Exposure
Hide | Show 2 More...
%idName
7% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
7% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...

Open Source Vulnerability Database (OSVDB)

idDescription
69219TYPO3 t3lib_div::validEmail Function PHP FILTER_VALIDATE_EMAIL Operation Remo...
69218TYPO3 Extension Manager Unspecified Arbitrary File Access
68593TYPO3 typo3/sysext/em/mod1/class.em_index.php Unspecified Traversal Arbitrary...
68592TYPO3 Taskcenter sys_action Task Arbitrary User Creation
68591TYPO3 typo3/contrib/RemoveXSS/RemoveXSS.php Unspecified XSS
Hide | Show 2 More...
idDescription
68590TYPO3 typo3/sysext/cms/tslib/class.tslib_fe.php jumpURL Parameter Traversal A...
63602TYPO3 Autoloader Unspecified Arbitrary PHP Code Execution

ExploitDB Exploits

idDescription
15856TYPO3 Unauthenticated Arbitrary File Retrieval

OpenVAS Exploits

idDescription
2010-11-17Name : Debian Security Advisory DSA 2121-1 (typo3-src)
File : nvt/deb_2121_1.nasl

Nessus® Vulnerability Scanner

idDescription
2010-10-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2121.nasl - Type : ACT_GATHER_INFO