Vulnerabilities > Typo3 > Typo3 > 7.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-14 | CVE-2022-23501 | Improper Authentication vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 6.5 |
2021-07-20 | CVE-2021-32767 | Information Exposure Through Log Files vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 3.5 |
2021-03-23 | CVE-2021-21370 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 3.5 |
2021-03-23 | CVE-2021-21339 | Cleartext Storage of Sensitive Information vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.0 |
2021-03-23 | CVE-2021-21338 | Open Redirect vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.8 |
2020-11-23 | CVE-2020-26227 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 4.3 |
2019-12-17 | CVE-2019-19849 | Deserialization of Untrusted Data vulnerability in Typo3 An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. | 6.5 |
2019-12-17 | CVE-2019-19848 | Path Traversal vulnerability in Typo3 An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. | 6.5 |
2018-04-08 | CVE-2018-6905 | Cross-site Scripting vulnerability in Typo3 The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. | 3.5 |
2017-09-11 | CVE-2017-14251 | Unrestricted Upload of File with Dangerous Type vulnerability in Typo3 Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code. | 6.5 |