Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-09 | CVE-2010-4956 | Cross-Site Scripting vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0 Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-10-09 | CVE-2010-4955 | SQL Injection vulnerability in PHP-Programs Apboard Developers Apboard SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. | 7.5 |
2011-10-09 | CVE-2010-4954 | SQL Injection vulnerability in Gambio Xt:Commerce Gambio 2008 SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. | 7.5 |
2011-10-09 | CVE-2010-4953 | Unspecified vulnerability in JW Calendar JW Calendar Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2011-10-09 | CVE-2010-4952 | SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9 SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2011-10-09 | CVE-2010-4951 | Cross-Site Scripting vulnerability in Thomas Mammitzsch VX Xajax Shoutbox Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2011-10-09 | CVE-2010-4950 | SQL Injection vulnerability in Joachim Ruhs Event SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2011-10-09 | CVE-2010-4949 | Cross-Site Scripting vulnerability in Evnix Freichat and Freichatpure Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. | 4.3 |
2011-10-09 | CVE-2010-4948 | Code Injection vulnerability in PHPgalleryscript PHP Free Photo Gallery PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. | 7.5 |
2011-10-09 | CVE-2010-4947 | Cross-Site Scripting vulnerability in Allpcscript Allpc 2.5 Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. | 4.3 |