Filtered by vendor Typo3
Subscriptions
Filtered by product Typo3
Subscriptions
Total
440 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-3819 | 2 Typo3, Urs Maag | 2 Typo3, Maag Randomimage | 2024-09-17 | N/A |
Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors. | ||||
CVE-2009-4393 | 2 Daniel Ptzinger, Typo3 | 2 Danp Documentdirs, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Document Directorys (danp_documentdirs) extension 1.10.7 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2008-6346 | 2 Dennis Royer, Typo3 | 2 Dr Wiki, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the DR Wiki (dr_wiki) extension 1.7.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2009-4967 | 2 Jochen Rieger, Typo3 | 2 Car, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Car (car) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2012-1082 | 1 Typo3 | 2 Terminal, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Terminal PHP Shell (terminal) extension 0.3.2 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-0335 | 2 Francisco Cifuentes, Typo3 | 2 Vote For Tt News, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-1153 | 1 Typo3 | 1 Typo3 | 2024-09-17 | N/A |
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable. | ||||
CVE-2009-4161 | 2 An Searchit, Typo3 | 2 An Searchit, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the [AN] Search it! (an_searchit) extension 2.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2013-4682 | 2 Bas Van Beek, Typo3 | 2 Multishop, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Multishop extension before 2.0.39 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2010-0328 | 2 Rastislav Birka, Typo3 | 2 Cs2 Unitconv, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2012-1080 | 1 Typo3 | 2 Skt Eurocalc, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Euro Calculator (skt_eurocalc) extension 0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-0345 | 1 Typo3 | 2 Majordomo, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2009-4951 | 2 Hans Olthoff, Typo3 | 2 Alternet Csa Out, Typo3 | 2024-09-17 | N/A |
Unspecified vulnerability in the ClickStream Analyzer [output] (alternet_csa_out) extension 0.3.0 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown vectors. | ||||
CVE-2009-4802 | 2 Joachim Ruhs, Typo3 | 2 Flat Manager, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2008-6338 | 2 Typo3, Weber-ebusiness | 2 Typo3, Wes Facilities | 2024-09-17 | N/A |
SQL injection vulnerability in the WEBERkommunal Facilities (wes_facilities) extension 2.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2012-1087 | 2 Bluechip, Typo3 | 2 Bc Post2facebook, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the Post data records to facebook (bc_post2facebook) extension before 0.2.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-1018 | 2 Jochen Rau, Typo3 | 2 Sk Bookreview, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2010-1013 | 2 Fr.simon Rundell, Typo3 | 2 Pd Diocesedatabase, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2009-4159 | 2 Ivan Kartolo, Typo3 | 2 Direct Mail, Typo3 | 2024-09-17 | N/A |
Cross-site scripting (XSS) vulnerability in the newsletter configuration feature in the backend module in the Direct Mail (direct_mail) extension 2.6.4 and earlier for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-0322 | 2 Matthias Karr, Typo3 | 2 Mk Anydropdownmenu, Typo3 | 2024-09-17 | N/A |
SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |