CVE-2010-4956
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-4956
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
TYPO3 Questionnaire (ke_questionnaire)插件跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Typo3是基于PHP和MySQL数据库的开源内容管理系统(CMS)和内容管理框架(CMF)的领导性品牌之一,是强大的开源解决方案。 TYPO3中的Questionnaire (ke_questionnaire)插件2.2.3之前版本中存在跨站脚本攻击漏洞。远程攻击者可借助未知向量注入任意web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-4956
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-4956
Please Login to view more intelligence information
- http://typo3.org/extensions/repository/view/ke_questionnaire/2.2.3/x_refsource_CONFIRM
- http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2010-4956
Same Patch Batch · n/a · 2011-10-09 · 42 CVEs total
| CVE-2010-4953 | TYPO3 JW Calendar (jw_calendar)插件未明安全漏洞 | |
| CVE-2010-4943 | Saurus CMS class_path参数代码注入漏洞 | |
| CVE-2010-4944 | Mambo/Joomla! Elite Experts (com_elite_experts)组件id参数SQL注入漏洞 | |
| CVE-2010-4945 | Joomla! CamelcityDB (com_camelcitydb2)组件id参数SQL注入漏洞 | |
| CVE-2010-4946 | ALLPC product_info.php products_id参数SQL注入漏洞 | |
| CVE-2010-4947 | ALLPC advanced_search_result.php keywords参数跨站脚本漏洞 | |
| CVE-2010-4948 | PHP Free Photo Gallery script libs/adodb/adodb.inc.php path参数代码注入漏洞 | |
| CVE-2010-4949 | Joomla! FreiChat/FreiChatPure组件跨站脚本攻击漏洞 | |
| CVE-2010-4950 | TYPO3 Event (event)插件SQL注入漏洞 | |
| CVE-2010-4951 | TYPO3 xaJax Shoutbox (vx_xajax_shoutbox)插件跨站脚本攻击漏洞 | |
| CVE-2010-4952 | TYPO3 FE user statistic (festat)插件SQL注入漏洞 | |
| CVE-2010-4942 | E-Xoopport Samsara eCal模块lid参数SQL注入漏洞 | |
| CVE-2010-4954 | xt:Commerce Gambio product_reviews_info.php products_id参数SQL注入漏洞 | |
| CVE-2010-4955 | APBoard Developers APBoard board/board.php id参数SQL注入漏洞 | |
| CVE-2010-4957 | TYPO3 Questionnaire (ke_questionnaire)插件SQL注入漏洞 | |
| CVE-2010-4958 | Prado Portal index.php page参数SQL注入漏洞 | |
| CVE-2010-4959 | Pre Projects Pre Podcast Portal password参数SQL注入漏洞 | |
| CVE-2010-4960 | TYPO3 Branchenbuch插件跨站脚本攻击漏洞 | |
| CVE-2010-4961 | TYPO3 Webkit PDFs (webkitpdf)插件SQL注入漏洞 | |
| CVE-2010-4962 | TYPO3 Webkit PDFs (webkitpdf)插件未明安全漏洞 |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han
V. Comments for CVE-2010-4956
No comments yet