Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (521 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-6698 2 Michael Fritz, Typo3 2 Worldcup, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2009-4395 2 Fr.simon Rundell, Typo3 2 Ste Prayer2, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Random Prayer 2 (ste_prayer2) extension 0.0.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6697 2 Michael Fritz, Typo3 2 Worldcup, Typo3 2025-04-09 N/A
SQL injection vulnerability in TARGET-E WorldCup Bets (worldcup) 2.0.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-6694 2 Fr.simon Rundell, Typo3 2 Ste Prayer, Typo3 2025-04-09 N/A
SQL injection vulnerability in Random Prayer (ste_prayer) 0.0.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3028 1 Typo3 1 Send A Card 2025-04-09 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3032 1 Typo3 1 Phpmyadmin 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the phpMyAdmin (phpmyadmin) extension 3.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-3050 1 Typo3 1 Pdf Generator 2 Extension 2025-04-09 N/A
Unspecified vulnerability in the PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to cause a denial of service via unspecified vectors.
CVE-2008-3051 1 Typo3 1 Pinboard Extension 2025-04-09 N/A
SQL injection vulnerability in the Pinboard extension 0.0.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4397 2 Fr.simon Rundell, Typo3 2 Pd Resources, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Resources Database (pd_resources) extension 0.1.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5609 1 Typo3 2 Commerce Extension, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Commerce extension 0.9.6 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6691 2 Diocese Of Portsmouth, Typo3 2 Pd Calendar Today, Typo3 2025-04-09 N/A
SQL injection vulnerability in Diocese of Portsmouth Calendar Today (pd_calendar_today) extension 0.0.3 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2008-3055 1 Typo3 1 Support View Extension 2025-04-09 N/A
SQL injection vulnerability in the Support view (ext_tbl) extension 0.0.102 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6595 1 Typo3 1 Pmk Rssnewsexport Extension 2025-04-09 N/A
SQL injection vulnerability in the pmk_rssnewsexport extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-4656 1 Typo3 2 Frontend Users View, Typo3 2025-04-09 N/A
SQL injection vulnerability in the Frontend Users View (feusersview) 0.1.6 and earlier extension for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-2104 2 Typo3, Udo Von Eynern 2 Typo3, Modern Guest Book Commenting System 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Modern Guestbook / Commenting System (ve_guestbook) extension 2.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-5644 1 Typo3 1 Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the file backend module in TYPO3 4.2.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2009-4391 2 Daniel Regelein, Typo3 2 Dr Blob, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the File list (dr_blob) extension 2.1.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6340 2 Mathieu Vidal, Typo3 2 Mv Vox Populi, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the Vox populi (mv_vox_populi) extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6343 1 Typo3 2 Tu-clausthal Odin, Typo3 2025-04-09 N/A
Cross-site scripting (XSS) vulnerability in the TU-Clausthal ODIN (tuc_odin) extension 0.0.1, 0.1.0, 0.1.1, and 0.2.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-6459 1 Typo3 2 Autobeuser, Typo3 2025-04-09 N/A
SQL injection vulnerability in the auto BE User Registration (autobeuser) extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.