Search for vulnerabilities
| Vulnerability ID | VCID-1grv-8mgr-ekfg |
| Aliases |
CVE-2012-1607
GHSA-q68v-vcjg-r3vp |
| Summary | TYPO3 allows remote attackers to obtain the database name via a direct request The Command Line Interface (CLI) script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| epss | 0.00651 | https://api.first.org/data/v1/epss?cve=CVE-2012-1607 |
| epss | 0.00701 | https://api.first.org/data/v1/epss?cve=CVE-2012-1607 |
| generic_textual | MODERATE | https://github.com/TYPO3/typo3 |
| generic_textual | MODERATE | https://nvd.nist.gov/vuln/detail/CVE-2012-1607 |
| generic_textual | MODERATE | https://web.archive.org/web/20120426034517/http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2012-001 |
| generic_textual | MODERATE | https://web.archive.org/web/20120527123559/http://www.securityfocus.com/bid/52771 |
| generic_textual | MODERATE | http://www.debian.org/security/2012/dsa-2445 |
| generic_textual | MODERATE | http://www.openwall.com/lists/oss-security/2012/03/30/4 |
| Percentile | 0.69934 |
| EPSS Score | 0.00651 |
| Published At | July 4, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-01T12:25:53.452160+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-q68v-vcjg-r3vp/GHSA-q68v-vcjg-r3vp.json | 36.1.3 |