CVE-2014-6236

EUVD-2014-6122
Unspecified vulnerability in the LumoNet PHP Include (lumophpinclude) extension before 1.2.1 for TYPO3 allows remote attackers to execute arbitrary scripts via vectors related to extension links.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
lumonet_php_include_projectlumonet_php_include
1.2.0
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/60873
http://typo3.org/extensions/repository/view/lumophpinclude
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
http://www.securityfocus.com/bid/69569
https://exchange.xforce.ibmcloud.com/vulnerabilities/95707
http://secunia.com/advisories/60873
http://typo3.org/extensions/repository/view/lumophpinclude
http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-010
http://www.securityfocus.com/bid/69569
https://exchange.xforce.ibmcloud.com/vulnerabilities/95707