Kennziffer : Security Vulnerabilities, CVEs,
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.
Max CVSS
5.0
EPSS Score
0.32%
Published
2014-12-02
Updated
2018-10-09
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014.
Max CVSS
7.5
EPSS Score
0.14%
Published
2014-10-03
Updated
2014-10-06
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
7.5
EPSS Score
58.25%
Published
2014-09-11
Updated
2017-09-08
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.26%
Published
2013-08-16
Updated
2017-08-29
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.36%
Published
2013-08-16
Updated
2017-08-29
5 vulnerabilities found