Skip to main content
CVE-2013-4683 HIGH This Week

SQL injection vulnerability in the meta_feedit extension 0.1.10 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Meta Feedit
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-4682 HIGH PATCH This Week

SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Multishop
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-4681 HIGH This Week

SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Sofortueberweisung2Commerce
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-4604 MEDIUM This Month

Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Fortinet Fortios
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2013-4680 MEDIUM This Month

Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Maag Form Captcha
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2013-4669 MEDIUM This Month

FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Fortinet Google Microsoft Authentication Bypass Forticlient +2
NVD
CVSS 2.0
5.4
EPSS
0.2%
CVE-2012-6573 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the Apache Solr Autocomplete module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Apache XSS Apachesolr Autocomplete
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-2177 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-2.x before 7.x-2.3 for Drupal allows remote authenticated users with certain permissions to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Display Suite
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-1971 LOW Monitor

Cross-site scripting (XSS) vulnerability in the MP3 Player module for Drupal 6.x allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the file name of. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mp3 Player
NVD
CVSS 2.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy