Vulnerabilities > Typo3 > Typo3 > 4.3.7

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-23501 Unspecified vulnerability in Typo3
TYPO3 is an open source PHP based web content management system.
network
low complexity
typo3
6.5
6.5
2021-04-27 CVE-2021-21365 Unspecified vulnerability in Typo3
Bootstrap Package is a theme for TYPO3.
network
low complexity
typo3
5.4
5.4
2019-12-17 CVE-2019-19849 Deserialization of Untrusted Data vulnerability in Typo3
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2.
network
low complexity
typo3 CWE-502
8.8
8.8
2019-12-17 CVE-2019-19848 Path Traversal vulnerability in Typo3
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2.
network
low complexity
typo3 CWE-22
7.2
7.2
2019-11-06 CVE-2011-4903 Cross-site Scripting vulnerability in Typo3
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.
network
low complexity
typo3 CWE-79
6.1
6.1
2019-11-06 CVE-2011-4902 Improper Input Validation vulnerability in Typo3
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.
network
low complexity
typo3 CWE-20
6.5
6.5
2019-11-06 CVE-2011-4901 Information Exposure vulnerability in Typo3
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database.
network
low complexity
typo3 CWE-200
6.5
6.5
2019-11-06 CVE-2011-4632 Cross-site Scripting vulnerability in Typo3
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message.
network
low complexity
typo3 CWE-79
5.4
5.4
2019-11-06 CVE-2011-4631 Cross-site Scripting vulnerability in Typo3
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.
network
low complexity
typo3 CWE-79
5.4
5.4
2019-11-06 CVE-2011-4630 Cross-site Scripting vulnerability in Typo3
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard.
network
low complexity
typo3 CWE-79
5.4
5.4