MidnightBSD

Advisories for typecho

CVE-2017-16230 LOW

In admin/write-post.php in Typecho through 1.1, one can log in to the background page, write a new article, and add payload in the article content, resulting in XSS via index.php/action/contents-post-edit.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
typecho typecho *
CVE-2018-18753 HIGH

Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-918,

Products Affected

Vendor Product Version
typecho typecho 1.1
CVE-2020-21038

Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php.

Products Affected

Vendor Product Version
typecho typecho 1.1-17.10.30
CVE-2023-24114

typecho 1.1/17.10.30 was discovered to contain a remote code execution (RCE) vulnerability via install.php.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
typecho typecho *
CVE-2023-27130

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
typecho typecho *
CVE-2023-27131

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
typecho typecho *
CVE-2023-27711

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via the Comment Manager /admin/manage-comments.php component.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
typecho typecho *
CVE-2023-30184

A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment.

Products Affected

Vendor Product Version
typecho typecho *
CVE-2023-36299

A File Upload vulnerability in typecho v.1.2.1 allows a remote attacker to execute arbitrary code via the upload and options-general parameters in index.php.

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2023-49967

Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blowup attack via the component /index.php/action/xmlrpc.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2023-6613 LOW

A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-247248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 2.4 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N 0.9 1.4
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2023-6614 LOW

A vulnerability classified as problematic was found in Typecho 1.2.1. Affected by this vulnerability is an unknown functionality of the file /admin/manage-pages.php of the component Page Handler. The manipulation leads to backdoor. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247249 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L 1.2 1.4
nvd@nist.gov 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 1.2 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-912,

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2023-6615 LOW

A vulnerability, which was classified as problematic, has been found in Typecho 1.2.1. Affected by this issue is some unknown functionality of the file /admin/manage-users.php. The manipulation of the argument page leads to information disclosure. The exploit has been disclosed to the public and may be used. VDB-247250 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.5 LOW CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.1 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2024-35538

Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as value of X-Forwarded-For or Client-Ip headers while performing HTTP requests.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
typecho typecho 1.3.0
CVE-2024-35539

Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting function. This vulnerability allows attackers to post several comments before the spam protection checks if the comments are posted too frequently.

Products Affected

Vendor Product Version
typecho typecho 1.3.0
CVE-2024-46494

A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into Name parameter under a comment for an Article.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
typecho typecho 1.2.1
CVE-2024-57369

Clickjacking vulnerability in typecho v1.2.1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L 0.9 5.5

Products Affected

Vendor Product Version
typecho typecho 1.2.1