Filtered by vendor Typo3
Subscribe
Total
478 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0329 | 2 Alex Kellner, Typo3 | 2 Powermail, Typo3 | 2011-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection field" and "typoscript." | |||||
| CVE-2010-0332 | 2 Stefan Tannhaeuser, Typo3 | 2 Tv21 Talkshow, Typo3 | 2011-08-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0331 | 2 Stefan Tannhaeuser, Typo3 | 2 Tv21 Talkshow, Typo3 | 2011-08-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0333 | 2 Matthias Graubner, Typo3 | 2 Mg Help, Typo3 | 2011-07-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0335 | 2 Francisco Cifuentes, Typo3 | 2 Vote For Tt News, Typo3 | 2011-07-26 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0334 | 2 Francisco Cifuentes, Typo3 | 2 Vote For Tt News, Typo3 | 2011-07-25 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0350 | 2 Arco Van Geest, Typo3 | 2 Goof Fotoboek, Typo3 | 2011-05-02 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors. | |||||
| CVE-2010-0346 | 1 Typo3 | 2 Mimi Tipfriends, Typo3 | 2011-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0344 | 1 Typo3 | 2 Typo3, Zak Store Management | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0336 | 1 Typo3 | 2 Kiddog Mysqldumper, Typo3 | 2011-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors. | |||||
| CVE-2010-0347 | 1 Typo3 | 2 Typo3, Vd Gemomap | 2011-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0343 | 1 Typo3 | 2 Pb Clanlist, Typo3 | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0341 | 1 Typo3 | 2 Bb Simplejobs, Typo3 | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0337 | 1 Typo3 | 2 Dl3 Tt News Alerts, Typo3 | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0339 | 1 Typo3 | 2 Typo3, Vm19 Userlinks | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0342 | 1 Typo3 | 2 Job Reports, Typo3 | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0340 | 1 Typo3 | 2 Mjseventpro, Typo3 | 2011-04-29 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6145 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2011-03-08 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-6144 | 1 Typo3 | 2 Typo3, Wec Discussion Forum | 2011-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the WEC Discussion Forum (wec_discussion) extension 1.7.0 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2008-3029. | |||||
| CVE-2008-5609 | 1 Typo3 | 2 Commerce Extension, Typo3 | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||