Search criteria
6 vulnerabilities found for content_rating_extbase by content_rating_extbase_project
FKIE_CVE-2015-1405
Vulnerability from fkie_nvd - Published: 2015-02-03 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| content_rating_extbase_project | content_rating_extbase | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:content_rating_extbase_project:content_rating_extbase:*:*:*:*:*:typo3:*:*",
"matchCriteriaId": "C7506FAB-E348-4B2B-906E-0897F7796848",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la extensi\u00f3n Content Rating Extbase 2.0.3 y anteriores para TYPO3 permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1405",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-02-03T16:59:22.593",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71985"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-1404
Vulnerability from fkie_nvd - Published: 2015-02-03 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| content_rating_extbase_project | content_rating_extbase | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:content_rating_extbase_project:content_rating_extbase:*:*:*:*:*:typo3:*:*",
"matchCriteriaId": "C7506FAB-E348-4B2B-906E-0897F7796848",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la extensi\u00f3n Content Rating Extbase 2.0.3 y anteriores para TYPO3 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-1404",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-02-03T16:59:21.640",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71985"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2015-1404 (GCVE-0-2015-1404)
Vulnerability from cvelistv5 – Published: 2015-02-03 16:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-03T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1404",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-01-27T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1405 (GCVE-0-2015-1405)
Vulnerability from cvelistv5 – Published: 2015-02-03 16:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-03T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1405",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-01-27T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1404 (GCVE-0-2015-1404)
Vulnerability from nvd – Published: 2015-02-03 16:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-03T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1404",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-01-27T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1405 (GCVE-0-2015-1405)
Vulnerability from nvd – Published: 2015-02-03 16:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-03T15:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "71985",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Content Rating Extbase extension 2.0.3 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "71985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71985"
},
{
"name": "[oss-security] 20150111 CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/11/7"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-003/"
},
{
"name": "[oss-security] 20150127 Re: CVE request: TYPO3-EXT-SA-2015-001, TYPO3-EXT-SA-2015-002, TYPO3-EXT-SA-2015-003",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/27/31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1405",
"datePublished": "2015-02-03T16:00:00",
"dateReserved": "2015-01-27T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}