Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2011-10-09	CVE-2010-4956	Cross-Site Scripting vulnerability in Nadine Schwingler KE Questionnaire 1.2.1/2.0.0 Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network nadine-schwingler typo3 CWE-79	4.3
2011-10-09	CVE-2010-4955	SQL Injection vulnerability in PHP-Programs Apboard Developers Apboard SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078. network low complexity php-programs CWE-89	7.5
2011-10-09	CVE-2010-4954	SQL Injection vulnerability in Gambio Xt:Commerce Gambio 2008 SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote attackers to execute arbitrary SQL commands via the products_id parameter. network low complexity gambio CWE-89	7.5
2011-10-09	CVE-2010-4953	Unspecified vulnerability in JW Calendar JW Calendar Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors. network low complexity jw-calendar typo3 critical	10.0
2011-10-09	CVE-2010-4952	SQL Injection vulnerability in Joachim Ruhs Festat 0.1.6/0.1.8/0.1.9 SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity joachim-ruhs typo3 CWE-89	7.5
2011-10-09	CVE-2010-4951	Cross-Site Scripting vulnerability in Thomas Mammitzsch VX Xajax Shoutbox Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before 1.0.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network thomas-mammitzsch typo3 CWE-79	4.3
2011-10-09	CVE-2010-4950	SQL Injection vulnerability in Joachim Ruhs Event SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity joachim-ruhs typo3 CWE-89	7.5
2011-10-09	CVE-2010-4949	Cross-Site Scripting vulnerability in Evnix Freichat and Freichatpure Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and the (2) FreiChatPure component before 1.2.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML by entering it in an unspecified window. network evnix joomla CWE-79	4.3
2011-10-09	CVE-2010-4948	Code Injection vulnerability in PHPgalleryscript PHP Free Photo Gallery PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. network low complexity phpgalleryscript CWE-94	7.5
2011-10-09	CVE-2010-4947	Cross-Site Scripting vulnerability in Allpcscript Allpc 2.5 Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. network allpcscript CWE-79	4.3

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities