Skip to main content

Mm Forum

4 CVEs product

Monthly

CVE-2020-15516 MEDIUM This Month

The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Mm Forum
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2014-6299 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Mm Forum
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-6298 HIGH PATCH This Week

Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection File Upload Mm Forum
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-6297 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Mm Forum
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM This Month

The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Mm Forum
NVD
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to hijack the authentication of users for requests that create posts via. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Mm Forum
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection File Upload +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Mm Forum
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy