Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (527 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5569 2 Heiko Sudar, Typo3 2 Slideshare, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Slideshare extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5570 2 Axel Jung, Typo3 2 Js Css Optimizer, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4970 2 Typo3, Typo3-macher 2 Typo3, T3m Affiliate 2025-04-11 N/A
SQL injection vulnerability in the t3m_affiliate extension 0.5.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4708 2 Maximo Cuadros, Typo3 2 Gb Fenewssubmit, Typo3 2025-04-11 N/A
SQL injection vulnerability in the [Gobernalia] Front End News Submitter (gb_fenewssubmit) extension 0.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-5103 1 Typo3 1 Typo3 2025-04-11 N/A
SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-6288 2 Ingo Renner, Typo3 2 Apache Solr, Typo3 2025-04-11 N/A
Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
CVE-2013-6289 2 Ingo Renner, Typo3 2 Apache Solr, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0345 1 Typo3 2 Majordomo, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1070 2 Netcreators, Typo3 2 Irfaq, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to the "return url parameter."
CVE-2012-1073 1 Typo3 2 Toi Category, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Category-System (toi_category) extension 0.6.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4748 2 Georg Ringer, Typo3 2 News, Typo3 2025-04-11 N/A
SQL injection vulnerability in the News system (news) extension before 1.3.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-1843 1 Typo3 1 Typo3 2025-04-11 N/A
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2012-1077 2 Manfred Egger, Typo3 2 Bc Post2facebook, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1082 1 Typo3 2 Terminal, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1083 1 Typo3 2 Terminal, Typo3 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-1086 1 Typo3 2 Aeurltool, Typo3 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the UrlTool (aeurltool) extension 0.1.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1075 2 Robert Gonda, Typo3 2 Rtg Files, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Documents download (rtg_files) extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1078 2 Claus Due, Typo3 2 Sysutils, Typo3 2025-04-11 N/A
The System Utilities (sysutils) extension 1.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unspecified vectors related to improper "protection" of the "backup output directory."
CVE-2013-4682 2 Bas Van Beek, Typo3 2 Multishop, Typo3 2025-04-11 N/A
SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-4681 2 Michael Staatz, Typo3 2 Sofortueberweisung2commerce, Typo3 2025-04-11 N/A
SQL injection vulnerability in the sofortueberweisung2commerce extension before 2.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.