Shodan
Vulnerabilities
Vulnerable Software
Typo3:  >> Typo3  Security Vulnerabilities
CVE-2011-4900
TYPO3 before 4.5.4 allows Information Disclosure in the backend.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4901
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-11-06
CVE-2011-4902
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to delete arbitrary files on the webserver.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-11-06
CVE-2011-4903
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the RemoveXSS function.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4904
TYPO3 before 4.4.9 and 4.5.x before 4.5.4 does not apply proper access control on ExtDirect calls which allows remote attackers to retrieve ExtDirect endpoint services.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-11-06
CVE-2011-4626
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the "JSwindow" property of the typolink function.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4627
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows Information Disclosure on the backend.
CVSS Score
6.5
EPSS Score
0.003
Published
2019-11-06
CVE-2011-4628
TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to bypass authentication mechanisms in the backend through a crafted request.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-11-06
CVE-2011-4629
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the admin panel.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-06
CVE-2011-4630
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the browse_links wizard.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved