Vulnerabilities (CVE)

Filtered by vendor Kennziffer Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8874 1 Kennziffer 1 Ke Questionnaire 2024-11-21 5.0 MEDIUM N/A
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request.
CVE-2014-6293 1 Kennziffer 1 Statistics 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014.
CVE-2014-6235 1 Kennziffer 1 Ke Dompdf 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2013-5307 2 Kennziffer, Typo3 2 Ke Search, Typo3 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-5302 2 Kennziffer, Typo3 2 Ke Search, Typo3 2024-11-21 7.5 HIGH N/A
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.