Download
| Alert*
|
oval:org.secpod.oval:def:600783
Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output ... oval:org.secpod.oval:def:600993 Typo3, a PHP-based content management system, was found vulnerable to several vulnerabilities. CVE-2013-1842 Helmut Hummel and Markus Opahle discovered that the Extbase database layer was not correctly sanitizing user input when using the Query object model. This can lead to SQL injection by a malic ... oval:org.secpod.oval:def:600876 Several vulnerabilities were discovered in TYPO3, a content management system. CVE-2012-3527 An insecure call to unserialize in the help system enables arbitrary code execution by authenticated users. CVE-2012-3528 The TYPO3 backend contains several cross-site scripting vulnerabilities. CVE-2012-352 ... |
