Filtered by vendor Typo3 Subscriptions
Filtered by product Typo3 Subscriptions
Total 440 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-3819 2 Typo3, Urs Maag 2 Typo3, Maag Randomimage 2024-09-17 N/A
Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors.
CVE-2009-4393 2 Daniel Ptzinger, Typo3 2 Danp Documentdirs, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6346 2 Dennis Royer, Typo3 2 Dr Wiki, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4967 2 Jochen Rieger, Typo3 2 Car, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1082 1 Typo3 2 Terminal, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0335 2 Francisco Cifuentes, Typo3 2 Vote For Tt News, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1153 1 Typo3 1 Typo3 2024-09-17 N/A
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable.
CVE-2009-4161 2 An Searchit, Typo3 2 An Searchit, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-4682 2 Bas Van Beek, Typo3 2 Multishop, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-0328 2 Rastislav Birka, Typo3 2 Cs2 Unitconv, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-1080 1 Typo3 2 Skt Eurocalc, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0345 1 Typo3 2 Majordomo, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2009-4951 2 Hans Olthoff, Typo3 2 Alternet Csa Out, Typo3 2024-09-17 N/A
Unspecified vulnerability in the ClickStream Analyzer [output] (alternet_csa_out) extension 0.3.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors.
CVE-2009-4802 2 Joachim Ruhs, Typo3 2 Flat Manager, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2008-6338 2 Typo3, Weber-ebusiness 2 Typo3, Wes Facilities 2024-09-17 N/A
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-1087 2 Bluechip, Typo3 2 Bc Post2facebook, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-1018 2 Jochen Rau, Typo3 2 Sk Bookreview, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2010-1013 2 Fr.simon Rundell, Typo3 2 Pd Diocesedatabase, Typo3 2024-09-17 N/A
SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2009-4159 2 Ivan Kartolo, Typo3 2 Direct Mail, Typo3 2024-09-17 N/A
Cross-site scripting (XSS) vulnerability in the newsletter configuration feature in the backend module in the Direct Mail (direct_mail) extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2010-0322 2 Matthias Karr, Typo3 2 Mk Anydropdownmenu, Typo3 2024-09-17 N/A
SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.