4 results (0.006 seconds)

CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0

Cross-site scripting (XSS) vulnerability in the Static Info Tables (static_info_tables) extension before 2.3.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad XSS en la extensión Static Info Tables (static_info_tables) anterior a 2.3.1 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de vectores no especificados. • http://osvdb.org/90414 http://secunia.com/advisories/52283 http://typo3.org/extensions/repository/view/static_info_tables http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-004 http://www.securityfocus.com/bid/58056 https://exchange.xforce.ibmcloud.com/vulnerabilities/82212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 35EXPL: 0

The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature. La extensión 'Front End User Registration' (sr_feuser_register) antes de v2.6.2 para TYPO3 permite a atacantes remotos obtener nombres de usuario y contraseñas a través de las funcionalidad de (1) editar Perspectivas o (2) inicio de sesión automático ('autologin'). • http://forge.typo3.org/projects/extension-sr_feuser_register/repository/entry/trunk/ChangeLog http://forge.typo3.org/projects/extension-sr_feuser_register/repository/revisions/58720 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/80145 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0

Unspecified vulnerability in the session handling feature in freeCap CAPTCHA (sr_freecap) extension 1.2.0 and earlier for TYPO3 has unknown impact and attack vectors. Vulnerabilidad no especificada en la característica session handling en freeCap CAPTCHA (sr_freecap) extension v1.2.0 y anteriores para TYPO3 tiene un impacto desconocido y vectores atacantes. • http://secunia.com/advisories/37094 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-014 •

CVSS: 4.0EPSS: 0%CPEs: 12EXPL: 0

Frontend User Registration (sr_feuser_register) extension 2.5.20 and earlier for TYPO3 does not properly verify access rights, which allows remote authenticated users to obtain sensitive information such as passwords via unknown attack vectors. La extensión Frontend User Registration (sr_feuser_register) v.2.5.20 y anteriores para TYPO3, no comprueba adecuadamente los permisos de acceso, esto permite a usuarios autenticados en remoto obtener información sensible como contraseñas a través de vectores de ataque desconocidos. • http://osvdb.org/53278 http://secunia.com/advisories/34586 http://typo3.org/extensions/repository/view/sr_feuser_register/2.5.21 http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004 http://www.securityfocus.com/bid/34374 http://www.vupen.com/english/advisories/2009/0938 • CWE-264: Permissions, Privileges, and Access Controls •