Filtered by vendor Kennziffer
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-8874 | 1 Kennziffer | 1 Ke Questionnaire | 2024-11-21 | 5.0 MEDIUM | N/A |
The ke_questionnaire extension 2.5.2 and earlier for TYPO3 uses predictable names for the questionnaire answer forms, which makes it easier for remote attackers to obtain sensitive information via a direct request. | |||||
CVE-2014-6293 | 1 Kennziffer | 1 Statistics | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, as exploited in the wild in February 2014. | |||||
CVE-2014-6235 | 1 Kennziffer | 1 Ke Dompdf | 2024-11-21 | 7.5 HIGH | N/A |
Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2013-5307 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2013-5302 | 2 Kennziffer, Typo3 | 2 Ke Search, Typo3 | 2024-11-21 | 7.5 HIGH | N/A |
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |