Vulnerability Details CVE-2014-6236
Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/60873
- http://typo3.org/extensions/repository/view/lumophpinclude
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69569
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95707
- http://secunia.com/advisories/60873
- http://typo3.org/extensions/repository/view/lumophpinclude
- http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
- http://www.securityfocus.com/bid/69569
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95707
Products affected by CVE-2014-6236
-
cpe:2.3:a:lumonet_php_include_project:lumonet_php_include:1.2.0