Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:composer/typo3/cms@4.2.0
Typecomposer
Namespacetypo3
Namecms
Version4.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version10.4.35
Latest_non_vulnerable_version12.2.0
Affected_by_vulnerabilities
0
url VCID-5arh-exf5-zub1
vulnerability_id VCID-5arh-exf5-zub1
summary 
TYPO3 SQL Injection vulnerability
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-5103
reference_id
reference_type
scores
0
value 0.00652
scoring_system epss
scoring_elements 0.70849
published_at 2026-04-04T12:55:00Z
1
value 0.00652
scoring_system epss
scoring_elements 0.70908
published_at 2026-04-21T12:55:00Z
2
value 0.00652
scoring_system epss
scoring_elements 0.70928
published_at 2026-04-18T12:55:00Z
3
value 0.00652
scoring_system epss
scoring_elements 0.70921
published_at 2026-04-16T12:55:00Z
4
value 0.00652
scoring_system epss
scoring_elements 0.70875
published_at 2026-04-13T12:55:00Z
5
value 0.00652
scoring_system epss
scoring_elements 0.70891
published_at 2026-04-12T12:55:00Z
6
value 0.00652
scoring_system epss
scoring_elements 0.70906
published_at 2026-04-11T12:55:00Z
7
value 0.00652
scoring_system epss
scoring_elements 0.70883
published_at 2026-04-09T12:55:00Z
8
value 0.00652
scoring_system epss
scoring_elements 0.70824
published_at 2026-04-07T12:55:00Z
9
value 0.00652
scoring_system epss
scoring_elements 0.70816
published_at 2026-04-01T12:55:00Z
10
value 0.00652
scoring_system epss
scoring_elements 0.70831
published_at 2026-04-02T12:55:00Z
11
value 0.00652
scoring_system epss
scoring_elements 0.70868
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-5103
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/64184
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/64184
2
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-5103
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-5103
4
reference_url https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
5
reference_url https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
6
reference_url http://www.openwall.com/lists/oss-security/2011/01/13/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/01/13/2
7
reference_url http://www.openwall.com/lists/oss-security/2012/05/10/7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/10/7
8
reference_url http://www.openwall.com/lists/oss-security/2012/05/11/3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/11/3
9
reference_url http://www.openwall.com/lists/oss-security/2012/05/12/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/12/5
10
reference_url https://github.com/advisories/GHSA-r2w2-2r2x-fpcx
reference_id GHSA-r2w2-2r2x-fpcx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r2w2-2r2x-fpcx
fixed_packages
0
url pkg:composer/typo3/cms@4.2.16
purl pkg:composer/typo3/cms@4.2.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.16
1
url pkg:composer/typo3/cms@4.3.9
purl pkg:composer/typo3/cms@4.3.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.9
2
url pkg:composer/typo3/cms@4.4.5
purl pkg:composer/typo3/cms@4.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5
aliases CVE-2010-5103, GHSA-r2w2-2r2x-fpcx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5arh-exf5-zub1
1
url VCID-69fr-ztbp-z7gg
vulnerability_id VCID-69fr-ztbp-z7gg
summary 
Improper Input Validation
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0258
reference_id
reference_type
scores
0
value 0.03387
scoring_system epss
scoring_elements 0.87409
published_at 2026-04-21T12:55:00Z
1
value 0.03387
scoring_system epss
scoring_elements 0.87369
published_at 2026-04-07T12:55:00Z
2
value 0.03387
scoring_system epss
scoring_elements 0.87387
published_at 2026-04-08T12:55:00Z
3
value 0.03387
scoring_system epss
scoring_elements 0.87394
published_at 2026-04-09T12:55:00Z
4
value 0.03387
scoring_system epss
scoring_elements 0.87407
published_at 2026-04-11T12:55:00Z
5
value 0.03387
scoring_system epss
scoring_elements 0.87401
published_at 2026-04-12T12:55:00Z
6
value 0.03387
scoring_system epss
scoring_elements 0.87397
published_at 2026-04-13T12:55:00Z
7
value 0.03387
scoring_system epss
scoring_elements 0.87412
published_at 2026-04-16T12:55:00Z
8
value 0.03387
scoring_system epss
scoring_elements 0.87415
published_at 2026-04-18T12:55:00Z
9
value 0.03387
scoring_system epss
scoring_elements 0.87344
published_at 2026-04-01T12:55:00Z
10
value 0.03387
scoring_system epss
scoring_elements 0.87354
published_at 2026-04-02T12:55:00Z
11
value 0.03387
scoring_system epss
scoring_elements 0.8737
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0258
1
reference_url http://secunia.com/advisories/33617
reference_id
reference_type
scores
url http://secunia.com/advisories/33617
2
reference_url http://secunia.com/advisories/33679
reference_id
reference_type
scores
url http://secunia.com/advisories/33679
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/48138
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/48138
4
reference_url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
5
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
6
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
7
reference_url http://www.debian.org/security/2009/dsa-1711
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1711
8
reference_url http://www.openwall.com/lists/oss-security/2009/01/23/4
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/01/23/4
9
reference_url http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33376
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0258
reference_id CVE-2009-0258
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0258
35
reference_url https://github.com/advisories/GHSA-74w6-ww7w-45j9
reference_id GHSA-74w6-ww7w-45j9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-74w6-ww7w-45j9
fixed_packages
0
url pkg:composer/typo3/cms@4.2.4
purl pkg:composer/typo3/cms@4.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.4
aliases CVE-2009-0258, GHSA-74w6-ww7w-45j9
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69fr-ztbp-z7gg
2
url VCID-acey-xzmu-7yg9
vulnerability_id VCID-acey-xzmu-7yg9
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0816
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52009
published_at 2026-04-21T12:55:00Z
1
value 0.00285
scoring_system epss
scoring_elements 0.51964
published_at 2026-04-08T12:55:00Z
2
value 0.00285
scoring_system epss
scoring_elements 0.51963
published_at 2026-04-09T12:55:00Z
3
value 0.00285
scoring_system epss
scoring_elements 0.52015
published_at 2026-04-11T12:55:00Z
4
value 0.00285
scoring_system epss
scoring_elements 0.51997
published_at 2026-04-12T12:55:00Z
5
value 0.00285
scoring_system epss
scoring_elements 0.51981
published_at 2026-04-13T12:55:00Z
6
value 0.00285
scoring_system epss
scoring_elements 0.52023
published_at 2026-04-16T12:55:00Z
7
value 0.00285
scoring_system epss
scoring_elements 0.52029
published_at 2026-04-18T12:55:00Z
8
value 0.00285
scoring_system epss
scoring_elements 0.51871
published_at 2026-04-01T12:55:00Z
9
value 0.00285
scoring_system epss
scoring_elements 0.51919
published_at 2026-04-02T12:55:00Z
10
value 0.00285
scoring_system epss
scoring_elements 0.51946
published_at 2026-04-04T12:55:00Z
11
value 0.00285
scoring_system epss
scoring_elements 0.5191
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0816
1
reference_url https://web.archive.org/web/20210507104956/http://www.securitytracker.com/id?1021709
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210507104956/http://www.securitytracker.com/id?1021709
2
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
3
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
4
reference_url http://www.debian.org/security/2009/dsa-1720
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1720
5
reference_url http://www.openwall.com/lists/oss-security/2009/02/10/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/02/10/6
6
reference_url http://www.securitytracker.com/id?1021709
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1021709
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.10:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.11:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0816
reference_id CVE-2009-0816
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0816
36
reference_url https://github.com/advisories/GHSA-jg55-3q6h-2ccf
reference_id GHSA-jg55-3q6h-2ccf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jg55-3q6h-2ccf
fixed_packages
0
url pkg:composer/typo3/cms@4.2.6
purl pkg:composer/typo3/cms@4.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.6
aliases CVE-2009-0816, GHSA-jg55-3q6h-2ccf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-acey-xzmu-7yg9
3
url VCID-enht-zcrt-mbe6
vulnerability_id VCID-enht-zcrt-mbe6
summary 
TYPO3 Path Traversal vulnerability
The fileDenyPattern functionality in the PHP file inclusion protection API in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly filter file types, which allows remote attackers to bypass intended access restrictions and access arbitrary PHP files, as demonstrated using path traversal sequences with %00 null bytes and CVE-2010-3714 to read the TYPO3 encryption key from localconf.php.
references
0
reference_url http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-5099
reference_id
reference_type
scores
0
value 0.05249
scoring_system epss
scoring_elements 0.89995
published_at 2026-04-21T12:55:00Z
1
value 0.05957
scoring_system epss
scoring_elements 0.90646
published_at 2026-04-13T12:55:00Z
2
value 0.05957
scoring_system epss
scoring_elements 0.90652
published_at 2026-04-12T12:55:00Z
3
value 0.05957
scoring_system epss
scoring_elements 0.90643
published_at 2026-04-09T12:55:00Z
4
value 0.05957
scoring_system epss
scoring_elements 0.90605
published_at 2026-04-01T12:55:00Z
5
value 0.05957
scoring_system epss
scoring_elements 0.90664
published_at 2026-04-18T12:55:00Z
6
value 0.05957
scoring_system epss
scoring_elements 0.90666
published_at 2026-04-16T12:55:00Z
7
value 0.05957
scoring_system epss
scoring_elements 0.90637
published_at 2026-04-08T12:55:00Z
8
value 0.05957
scoring_system epss
scoring_elements 0.90626
published_at 2026-04-07T12:55:00Z
9
value 0.05957
scoring_system epss
scoring_elements 0.90618
published_at 2026-04-04T12:55:00Z
10
value 0.05957
scoring_system epss
scoring_elements 0.90608
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-5099
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/64180
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/64180
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120801235059/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
5
reference_url http://www.exploit-db.com/exploits/15856
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/15856
6
reference_url http://www.openwall.com/lists/oss-security/2011/01/13/2
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/01/13/2
7
reference_url http://www.openwall.com/lists/oss-security/2012/05/10/7
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/10/7
8
reference_url http://www.openwall.com/lists/oss-security/2012/05/11/3
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/11/3
9
reference_url http://www.openwall.com/lists/oss-security/2012/05/12/5
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/12/5
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-5099
reference_id CVE-2010-5099
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-5099
11
reference_url https://github.com/advisories/GHSA-66j3-66cp-6c2m
reference_id GHSA-66j3-66cp-6c2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66j3-66cp-6c2m
fixed_packages
0
url pkg:composer/typo3/cms@4.2.16
purl pkg:composer/typo3/cms@4.2.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.16
1
url pkg:composer/typo3/cms@4.3.9
purl pkg:composer/typo3/cms@4.3.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.9
2
url pkg:composer/typo3/cms@4.4.5
purl pkg:composer/typo3/cms@4.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5
aliases CVE-2010-5099, GHSA-66j3-66cp-6c2m
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-enht-zcrt-mbe6
4
url VCID-jbu9-bp56-rkgw
vulnerability_id VCID-jbu9-bp56-rkgw
summary 
TYPO3 Remote File Disclosure vulnerability in the jumpUrl mechanism
The jumpUrl (aka access tracking) implementation in `tslib/class.tslib_fe.php` in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x before 4.4.4 does not properly compare certain hash values during access-control decisions, which allows remote attackers to read arbitrary files via unspecified vectors.
references
0
reference_url http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://blog.nibblesec.org/2010/12/typo3-sa-2010-020-typo3-sa-2010-022.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3714
reference_id
reference_type
scores
0
value 0.35507
scoring_system epss
scoring_elements 0.97074
published_at 2026-04-21T12:55:00Z
1
value 0.35507
scoring_system epss
scoring_elements 0.9707
published_at 2026-04-18T12:55:00Z
2
value 0.35507
scoring_system epss
scoring_elements 0.97067
published_at 2026-04-16T12:55:00Z
3
value 0.35507
scoring_system epss
scoring_elements 0.97056
published_at 2026-04-13T12:55:00Z
4
value 0.35507
scoring_system epss
scoring_elements 0.97055
published_at 2026-04-12T12:55:00Z
5
value 0.35507
scoring_system epss
scoring_elements 0.97052
published_at 2026-04-09T12:55:00Z
6
value 0.35507
scoring_system epss
scoring_elements 0.97051
published_at 2026-04-08T12:55:00Z
7
value 0.35507
scoring_system epss
scoring_elements 0.97041
published_at 2026-04-07T12:55:00Z
8
value 0.35507
scoring_system epss
scoring_elements 0.9703
published_at 2026-04-01T12:55:00Z
9
value 0.35507
scoring_system epss
scoring_elements 0.97037
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3714
2
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
3
reference_url https://github.com/TYPO3/typo3/commit/687b671c765eac10ffb764547bb403ac3ef55620
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/687b671c765eac10ffb764547bb403ac3ef55620
4
reference_url https://github.com/TYPO3/typo3/commit/a8ccd387cafd2c2c338fc29109c16418f7657229
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/a8ccd387cafd2c2c338fc29109c16418f7657229
5
reference_url https://github.com/TYPO3/typo3/commit/d95f06f633fd2c289b544f6d5907b789eae6cccb
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3/commit/d95f06f633fd2c289b544f6d5907b789eae6cccb
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-3714
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-3714
7
reference_url https://web.archive.org/web/20111220151231/http://www.securityfocus.com/bid/43786
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111220151231/http://www.securityfocus.com/bid/43786
8
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020
9
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-020/
10
reference_url http://www.debian.org/security/2010/dsa-2121
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2010/dsa-2121
11
reference_url http://www.exploit-db.com/exploits/15856
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.exploit-db.com/exploits/15856
12
reference_url http://www.securityfocus.com/bid/43786
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/43786
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.10:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.11:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.12:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.13:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.14:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.6:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.7:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.8:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.9:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.4:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.5:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3.6:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.2:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.4.3:*:*:*:*:*:*:*
39
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15856.php
reference_id CVE-2012-2344;OSVDB-70121;CVE-2010-5099;CVE-2010-3714;OSVDB-68590
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/15856.php
40
reference_url https://github.com/advisories/GHSA-w736-qv86-vq94
reference_id GHSA-w736-qv86-vq94
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w736-qv86-vq94
fixed_packages
0
url pkg:composer/typo3/cms@4.2.15
purl pkg:composer/typo3/cms@4.2.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.15
1
url pkg:composer/typo3/cms@4.3.7
purl pkg:composer/typo3/cms@4.3.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.7
2
url pkg:composer/typo3/cms@4.4.4
purl pkg:composer/typo3/cms@4.4.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.4
aliases CVE-2010-3714, GHSA-w736-qv86-vq94
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbu9-bp56-rkgw
5
url VCID-k6fn-pcqn-byhu
vulnerability_id VCID-k6fn-pcqn-byhu
summary 
TYPO3 Directory Traversal vulnerability
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files via unspecified vectors related to the "file inclusion functionality."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-5101
reference_id
reference_type
scores
0
value 0.00407
scoring_system epss
scoring_elements 0.60999
published_at 2026-04-01T12:55:00Z
1
value 0.00407
scoring_system epss
scoring_elements 0.6115
published_at 2026-04-21T12:55:00Z
2
value 0.00407
scoring_system epss
scoring_elements 0.61168
published_at 2026-04-18T12:55:00Z
3
value 0.00407
scoring_system epss
scoring_elements 0.61163
published_at 2026-04-16T12:55:00Z
4
value 0.00407
scoring_system epss
scoring_elements 0.61122
published_at 2026-04-13T12:55:00Z
5
value 0.00407
scoring_system epss
scoring_elements 0.61141
published_at 2026-04-12T12:55:00Z
6
value 0.00407
scoring_system epss
scoring_elements 0.61155
published_at 2026-04-11T12:55:00Z
7
value 0.00407
scoring_system epss
scoring_elements 0.61119
published_at 2026-04-08T12:55:00Z
8
value 0.00407
scoring_system epss
scoring_elements 0.6107
published_at 2026-04-07T12:55:00Z
9
value 0.00407
scoring_system epss
scoring_elements 0.61104
published_at 2026-04-04T12:55:00Z
10
value 0.00407
scoring_system epss
scoring_elements 0.61076
published_at 2026-04-02T12:55:00Z
11
value 0.00407
scoring_system epss
scoring_elements 0.61134
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-5101
1
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/64180
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/64180
2
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-5101
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-5101
4
reference_url https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120123102224/http://www.securityfocus.com/bid/45470
5
reference_url https://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121103085228/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022
6
reference_url http://www.openwall.com/lists/oss-security/2011/01/13/2
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/01/13/2
7
reference_url http://www.openwall.com/lists/oss-security/2012/05/10/7
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/10/7
8
reference_url http://www.openwall.com/lists/oss-security/2012/05/11/3
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/11/3
9
reference_url http://www.openwall.com/lists/oss-security/2012/05/12/5
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/05/12/5
10
reference_url https://github.com/advisories/GHSA-rmqc-wfjm-3f66
reference_id GHSA-rmqc-wfjm-3f66
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rmqc-wfjm-3f66
fixed_packages
0
url pkg:composer/typo3/cms@4.2.16
purl pkg:composer/typo3/cms@4.2.16
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.16
1
url pkg:composer/typo3/cms@4.3.9
purl pkg:composer/typo3/cms@4.3.9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.9
2
url pkg:composer/typo3/cms@4.4.5
purl pkg:composer/typo3/cms@4.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.4.5
aliases CVE-2010-5101, GHSA-rmqc-wfjm-3f66
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6fn-pcqn-byhu
6
url VCID-tsmu-e547-8kdx
vulnerability_id VCID-tsmu-e547-8kdx
summary 
TYPO3 leaks a hash secret in an error message
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0815
reference_id
reference_type
scores
0
value 0.498
scoring_system epss
scoring_elements 0.97818
published_at 2026-04-21T12:55:00Z
1
value 0.498
scoring_system epss
scoring_elements 0.97787
published_at 2026-04-01T12:55:00Z
2
value 0.498
scoring_system epss
scoring_elements 0.97793
published_at 2026-04-02T12:55:00Z
3
value 0.498
scoring_system epss
scoring_elements 0.97795
published_at 2026-04-04T12:55:00Z
4
value 0.498
scoring_system epss
scoring_elements 0.97799
published_at 2026-04-07T12:55:00Z
5
value 0.498
scoring_system epss
scoring_elements 0.97803
published_at 2026-04-08T12:55:00Z
6
value 0.498
scoring_system epss
scoring_elements 0.97805
published_at 2026-04-09T12:55:00Z
7
value 0.498
scoring_system epss
scoring_elements 0.97808
published_at 2026-04-11T12:55:00Z
8
value 0.498
scoring_system epss
scoring_elements 0.9781
published_at 2026-04-12T12:55:00Z
9
value 0.498
scoring_system epss
scoring_elements 0.97811
published_at 2026-04-13T12:55:00Z
10
value 0.498
scoring_system epss
scoring_elements 0.97817
published_at 2026-04-16T12:55:00Z
11
value 0.498
scoring_system epss
scoring_elements 0.9782
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0815
1
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
2
reference_url https://web.archive.org/web/20091206080208/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20091206080208/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002
3
reference_url https://web.archive.org/web/20200915000000*/http://www.securitytracker.com/id?1021710
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200915000000*/http://www.securitytracker.com/id?1021710
4
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-002/
5
reference_url http://www.debian.org/security/2009/dsa-1720
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1720
6
reference_url http://www.openwall.com/lists/oss-security/2009/02/10/6
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/02/10/6
7
reference_url http://www.securitytracker.com/id?1021710
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1021710
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.3.x:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.5.x:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.6.x:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.7.x:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:3.8.x:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.8:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.9:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.4:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.5:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.3:alpha1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0815
reference_id CVE-2009-0815
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0815
33
reference_url https://github.com/advisories/GHSA-c22j-84c7-cm77
reference_id GHSA-c22j-84c7-cm77
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c22j-84c7-cm77
34
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8038.py
reference_id OSVDB-52048;CVE-2009-0815
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/8038.py
fixed_packages
0
url pkg:composer/typo3/cms@4.2.6
purl pkg:composer/typo3/cms@4.2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.6
aliases CVE-2009-0815, GHSA-c22j-84c7-cm77
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsmu-e547-8kdx
7
url VCID-u1y7-xzfg-z7ce
vulnerability_id VCID-u1y7-xzfg-z7ce
summary 
TYPO3 Install Tool Subcomponent Allows Access Using Only a Password's MD5 Hash as a Credential
The Install Tool subcomponent in TYPO3 4.0.13 and earlier, 4.1.x before 4.1.13, 4.2.x before 4.2.10, and 4.3.x before 4.3beta2 allows remote attackers to gain access by using only the password's md5 hash as a credential.
references
0
reference_url http://marc.info/?l=oss-security&m=125632856206736&w=2
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=oss-security&m=125632856206736&w=2
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3635
reference_id
reference_type
scores
0
value 0.01041
scoring_system epss
scoring_elements 0.77474
published_at 2026-04-18T12:55:00Z
1
value 0.01041
scoring_system epss
scoring_elements 0.77475
published_at 2026-04-16T12:55:00Z
2
value 0.01041
scoring_system epss
scoring_elements 0.77414
published_at 2026-04-04T12:55:00Z
3
value 0.01041
scoring_system epss
scoring_elements 0.77467
published_at 2026-04-21T12:55:00Z
4
value 0.01041
scoring_system epss
scoring_elements 0.77424
published_at 2026-04-08T12:55:00Z
5
value 0.01041
scoring_system epss
scoring_elements 0.77381
published_at 2026-04-01T12:55:00Z
6
value 0.01041
scoring_system epss
scoring_elements 0.77388
published_at 2026-04-02T12:55:00Z
7
value 0.01041
scoring_system epss
scoring_elements 0.77394
published_at 2026-04-07T12:55:00Z
8
value 0.01041
scoring_system epss
scoring_elements 0.77436
published_at 2026-04-13T12:55:00Z
9
value 0.01041
scoring_system epss
scoring_elements 0.77439
published_at 2026-04-12T12:55:00Z
10
value 0.01041
scoring_system epss
scoring_elements 0.77459
published_at 2026-04-11T12:55:00Z
11
value 0.01041
scoring_system epss
scoring_elements 0.77433
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3635
2
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/53928
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/53928
3
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
4
reference_url https://web.archive.org/web/20100105023145/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100105023145/http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016
5
reference_url https://web.archive.org/web/20200229210314/http://www.securityfocus.com/bid/36801
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229210314/http://www.securityfocus.com/bid/36801
6
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-3635
reference_id CVE-2009-3635
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-3635
8
reference_url https://github.com/advisories/GHSA-hwrc-w5gg-f335
reference_id GHSA-hwrc-w5gg-f335
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hwrc-w5gg-f335
fixed_packages
0
url pkg:composer/typo3/cms@4.2.10
purl pkg:composer/typo3/cms@4.2.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.10
1
url pkg:composer/typo3/cms@4.3.0-beta2
purl pkg:composer/typo3/cms@4.3.0-beta2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.3.0-beta2
aliases CVE-2009-3635, GHSA-hwrc-w5gg-f335
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1y7-xzfg-z7ce
8
url VCID-zkmd-h3ch-ebbg
vulnerability_id VCID-zkmd-h3ch-ebbg
summary 
Improper Authentication
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-0256
reference_id
reference_type
scores
0
value 0.00911
scoring_system epss
scoring_elements 0.75846
published_at 2026-04-21T12:55:00Z
1
value 0.00911
scoring_system epss
scoring_elements 0.75777
published_at 2026-04-07T12:55:00Z
2
value 0.00911
scoring_system epss
scoring_elements 0.75809
published_at 2026-04-08T12:55:00Z
3
value 0.00911
scoring_system epss
scoring_elements 0.75821
published_at 2026-04-09T12:55:00Z
4
value 0.00911
scoring_system epss
scoring_elements 0.75845
published_at 2026-04-11T12:55:00Z
5
value 0.00911
scoring_system epss
scoring_elements 0.75826
published_at 2026-04-12T12:55:00Z
6
value 0.00911
scoring_system epss
scoring_elements 0.7582
published_at 2026-04-13T12:55:00Z
7
value 0.00911
scoring_system epss
scoring_elements 0.75857
published_at 2026-04-16T12:55:00Z
8
value 0.00911
scoring_system epss
scoring_elements 0.75861
published_at 2026-04-18T12:55:00Z
9
value 0.00911
scoring_system epss
scoring_elements 0.75762
published_at 2026-04-01T12:55:00Z
10
value 0.00911
scoring_system epss
scoring_elements 0.75765
published_at 2026-04-02T12:55:00Z
11
value 0.00911
scoring_system epss
scoring_elements 0.75798
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-0256
1
reference_url http://secunia.com/advisories/33617
reference_id
reference_type
scores
url http://secunia.com/advisories/33617
2
reference_url http://secunia.com/advisories/33679
reference_id
reference_type
scores
url http://secunia.com/advisories/33679
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/48133
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/48133
4
reference_url https://github.com/TYPO3/typo3
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/TYPO3/typo3
5
reference_url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20111210005350/http://www.securityfocus.com/bid/33376
6
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001
7
reference_url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
reference_id
reference_type
scores
url http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
8
reference_url http://www.debian.org/security/2009/dsa-1711
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2009/dsa-1711
9
reference_url http://www.securityfocus.com/bid/33376
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/33376
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.2:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.4:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.5:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.6:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.7:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.8:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.0.9:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:beta1:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.0:rc1:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.5:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.6:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.1.7:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.2:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:typo3:typo3:4.2.3:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-0256
reference_id CVE-2009-0256
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-0256
35
reference_url https://github.com/advisories/GHSA-q45q-5233-229p
reference_id GHSA-q45q-5233-229p
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q45q-5233-229p
fixed_packages
0
url pkg:composer/typo3/cms@4.2.4
purl pkg:composer/typo3/cms@4.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.4
aliases CVE-2009-0256, GHSA-q45q-5233-229p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkmd-h3ch-ebbg
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:composer/typo3/cms@4.2.0